UbuntuUpdates.org

Package "libopenjpip7"

Name: libopenjpip7

Description:

JPEG 2000 Interactive Protocol

Latest version: 2.1.2-1.1+deb9u6build0.16.04.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: openjpeg2
Homepage: http://www.openjpeg.org

Links


Download "libopenjpip7"


Other versions of "libopenjpip7" in Xenial

Repository Area Version
base universe 2.1.0-2.1
security universe 2.1.2-1.1+deb9u6build0.16.04.1

Changelog

Version: 2.1.2-1.1+deb9u6build0.16.04.1 2021-03-16 12:06:15 UTC

  openjpeg2 (2.1.2-1.1+deb9u6build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian

Source diff to previous version

Version: 2.1.2-1.1+deb9u5build0.16.04.1 2020-09-14 21:06:20 UTC

  openjpeg2 (2.1.2-1.1+deb9u5build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian

 -- Mike Salvatore <email address hidden> Mon, 14 Sep 2020 12:31:30 -0400

Source diff to previous version

Version: 2.1.2-1.1+deb9u3build0.16.04.1 2019-06-12 15:06:14 UTC

  openjpeg2 (2.1.2-1.1+deb9u3build0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: sync from Debian stretch-security

Source diff to previous version

Version: 2.1.2-1.1+deb9u2build0.1 2018-09-03 17:06:13 UTC

  openjpeg2 (2.1.2-1.1+deb9u2build0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: sync from Debian stretch-security
    - Ubuntu changes were applied upstream, so dropping.

Source diff to previous version

Version: 2.1.0-2.1ubuntu0.1 2016-10-14 14:06:38 UTC

  openjpeg2 (2.1.0-2.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Out-of-bound heap write possible resulting
    in heap corruption and arbitrary code execution (lp: #1630702)
    - debian/patches/CVE-2016-8332.patch: fix incrementing of
      "l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc
      in src/lib/openjp2/j2k.c.
    - CVE-2016-8332
  * SECURITY UPDATE: Integer overflow possible resulting in
    arbitrary code execution via a crafted JP2 file,
    triggering out-of-bound read or write (lp: #1630702)
    - debian/patches/CVE-2016-7163.patch: fix an integer
      overflow issue in function opj_pi_create_decode of
      pi.c in src/lib/openjp2/pi.c.
    - CVE-2016-7163

 -- Nikita Yerenkov-Scott <email address hidden> Sat, 08 Oct 2016 16:10:43 +0100

1630702 Fix for CVE-2016-8332 and CVE-2016-7163
CVE-2016-7163 Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, w



About   -   Send Feedback to @ubuntu_updates