1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4882-1] openjpeg2 security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Apr 1 22:00:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4882-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    April 01, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openjpeg2
    CVE ID : CVE-2020-6851 CVE-2020-8112 CVE-2020-15389 CVE-2020-27814
    CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842
    CVE-2020-27843 CVE-2020-27845

    Multiple vulnerabilities have been discovered in openjpeg2, the
    open-source JPEG 2000 codec, which could result in denial of service or
    the execution of arbitrary code when opening a malformed image.

    For the stable distribution (buster), these problems have been fixed in
    version 2.3.0-2+deb10u2.

    We recommend that you upgrade your openjpeg2 packages.

    For the detailed security status of openjpeg2 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/openjpeg2

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmBmIUYACgkQEMKTtsN8 TjYA5w//cWmhgNzMX/EHC3y0BAMFGSnaqzvHftcpPjaq3/ZC3dtQQ5OCL1+dmjdj 0gM7Q1/88WO3HRsJ72AJstZeDf1zIBvLZlPPottlXT2XfGCWFkW26rtb808pOpiq H8wzaBPLB/IkwA2k+DExHG+jpBNaDeu9c544Tt94KU41XUjAK0jGc+wGVLeFrRZs rXrOdyCdnoaHf9haWOEOTtZPXUU2LKxyDNHBZGgNlpU8bSiKZOT/YPayXhP3YDhO vRDXfDdCd11M8pNVhXNGJLvVud7+QQP1NgjqgwpOCR6DXg3Fd1ilkWY+nBrlJkvv x33IYB1E78d0QGK4r5nXZrGA2K4jBflIw3n1YHpdVd2+UDLBFcgAFLZmGBV3XHWb 4+xVlmjR8IDgvdn8CjalXyqRe6z+EaWSb9PsQHBIQV1jR7ZVghEnsite/qiqE1H0 7Gj5m2sTJXEbOEsfh24bXpNgx/USt7IRvlckYQSRiwZieS0yCk7LW1R9twggpy7E NgCIZnfbFH9ugf/EDtzX+kT5FkCpBTxNfv3M0tBNgc9635mln/1jFACxZ187KDCX xxNj3W2010JbnCWcjSvGk8S8oD9mVJUhwSrwpXj2gMD5cg6DHqG5fwUiAa2Dg0TS AsEd4FlRMe2vVEaxkLDJpYzVOz/0AKW+e0oo7AJ4CmINDbO0jXQ=
    =Q7e7
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)