openjpeg2-2.3.1-3.el7
エラータID: AXSA:2020-4472:03
Release date:
Wednesday, February 19, 2020 - 12:42
Subject:
openjpeg2-2.3.1-3.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.
Security Fix(es):
* openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c (CVE-2020-8112)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-8112
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Solution:
Update packages.
CVEs:
CVE-2020-8112
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Additional Info:
N/A
Download:
SRPMS
- openjpeg2-2.3.1-3.el7.src.rpm
MD5: c4e722ef0a06df8d76eaa674906316bb
SHA-256: 261b68de7bb629e88f3c1d797f8b26c5120b634b3808e94298c87aed0f215fe9
Size: 2.12 MB
Asianux Server 7 for x86_64
- openjpeg2-2.3.1-3.el7.x86_64.rpm
MD5: 885bf93b4dbe15755dd0126f08d44aa3
SHA-256: 98f2b3a019d0932da97ee200349ec03d8f0ffc7be2c6e48e422dcfa96deca211
Size: 152.02 kB - openjpeg2-2.3.1-3.el7.i686.rpm
MD5: 157cb1dbe08682b4a76e117afc1439ce
SHA-256: 998e4ad39b3df9111ed41b8cc751566b2e703056a3d5ab961d1ec6a0cffd7f7f
Size: 153.26 kB
日本語