openjpeg2 (2.1.2-1.1+deb9u3build0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: sync from Debian stretch-security
openjpeg2 (2.1.2-1.1+deb9u3) stretch-security; urgency=medium
* Non-maintainer upload by the Security Team.
* CVE-2018-14423: Division-by-zero vulnerabilities in the functions
pi_next_pcrl, pi_next_cprl, and pi_next_rpcl (closes: #904873).
* CVE-2018-6616: Excessive Iteration in opj_t1_encode_cblks
(closes: #889683).
* CVE-2017-17480: Write stack buffer overflow due to missing buffer
length formatter in fscanf call (closes: #884738).
* CVE-2018-18088: Null pointer dereference caused by null image
components in imagetopnm (closes: #910763).
* CVE-2018-5785: Integer overflow in convertbmp.c (closes: #888533).
Date: 2019-06-11 23:02:12.866779+00:00
Changed-By: Steve Beattie <sbeat...@ubuntu.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/openjpeg2/2.1.2-1.1+deb9u3build0.16.04.1
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
