Bug#800149: openjpeg2: Use-after-free in opj_j2k_write_mco

2016-05-12 Thread Salvatore Bonaccorso 
Control: retitle -1 openjpeg2: CVE-2015-8871: Use-after-free in 
opj_j2k_write_mco

Hi,

On Sun, Sep 27, 2015 at 01:54:25PM +0200, Salvatore Bonaccorso wrote:
> Source: openjpeg2
> Version: 2.1.0-2
> Severity: important
> Tags: security upstream patch fixed-upstream
> Forwarded: https://github.com/uclouvain/openjpeg/issues/563
> 
> Hi
> 
> A use-after-free vulnerability was found in openjpeg2, see
> http://www.openwall.com/lists/oss-security/2015/09/15/4 for the
> corresponding CVE request (no CVE assigned so far).
> 
> Upstream issue: https://github.com/uclouvain/openjpeg/issues/563

This issue has been assigned CVE-2015-8871.

Regards,
Salvatore

Bug#800149: openjpeg2: Use-after-free in opj_j2k_write_mco

2015-09-27 Thread Salvatore Bonaccorso 
Source: openjpeg2
Version: 2.1.0-2
Severity: important
Tags: security upstream patch fixed-upstream
Forwarded: https://github.com/uclouvain/openjpeg/issues/563

Hi

A use-after-free vulnerability was found in openjpeg2, see
http://www.openwall.com/lists/oss-security/2015/09/15/4 for the
corresponding CVE request (no CVE assigned so far).

Upstream issue: https://github.com/uclouvain/openjpeg/issues/563

Regards,
Salvatore