UbuntuUpdates.org

Package "openjpeg2"

Name: openjpeg2

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JPEG 2000 image compression/decompression library
  • debug symbols for libopenjp2-7, a JPEG 2000 image library
  • development files for OpenJPEG, a JPEG 2000 image library
  • command-line tools using the JPEG 2000 library
Latest version: 2.1.2-1.1+deb9u6build0.16.04.1
Release: xenial (16.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "openjpeg2" in Xenial

Repository Area Version
base universe 2.1.0-2.1
security universe 2.1.2-1.1+deb9u6build0.16.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.1.2-1.1+deb9u6build0.16.04.1 2021-03-16 12:06:15 UTC

  openjpeg2 (2.1.2-1.1+deb9u6build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian
Source diff to previous version

Version: 2.1.2-1.1+deb9u5build0.16.04.1 2020-09-14 21:06:20 UTC

  openjpeg2 (2.1.2-1.1+deb9u5build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian

 -- Mike Salvatore <email address hidden> Mon, 14 Sep 2020 12:31:30 -0400
Source diff to previous version

Version: 2.1.2-1.1+deb9u3build0.16.04.1 2019-06-12 15:06:14 UTC

  openjpeg2 (2.1.2-1.1+deb9u3build0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: sync from Debian stretch-security
Source diff to previous version

Version: 2.1.2-1.1+deb9u2build0.1 2018-09-03 17:06:13 UTC

  openjpeg2 (2.1.2-1.1+deb9u2build0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: sync from Debian stretch-security
    - Ubuntu changes were applied upstream, so dropping.
Source diff to previous version

Version: 2.1.0-2.1ubuntu0.1 2016-10-14 14:06:38 UTC

  openjpeg2 (2.1.0-2.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Out-of-bound heap write possible resulting
    in heap corruption and arbitrary code execution (lp: #1630702)
    - debian/patches/CVE-2016-8332.patch: fix incrementing of
      "l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc
      in src/lib/openjp2/j2k.c.
    - CVE-2016-8332
  * SECURITY UPDATE: Integer overflow possible resulting in
    arbitrary code execution via a crafted JP2 file,
    triggering out-of-bound read or write (lp: #1630702)
    - debian/patches/CVE-2016-7163.patch: fix an integer
      overflow issue in function opj_pi_create_decode of
      pi.c in src/lib/openjp2/pi.c.
    - CVE-2016-7163

 -- Nikita Yerenkov-Scott <email address hidden> Sat, 08 Oct 2016 16:10:43 +0100
1630702 Fix for CVE-2016-8332 and CVE-2016-7163
CVE-2016-7163 Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, w


About   -   Send Feedback to @ubuntu_updates