openjpeg-1.3-10.AXS4

エラータID: AXSA:2014-074:01

Release date: 
Tuesday, March 18, 2014 - 20:46
Subject: 
openjpeg-1.3-10.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image compression standard from the Joint Photographic Experts Group (JPEG).

Security issues fixed with this release:

• CVE-2013-1447
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors.

• CVE-2013-6045
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.

• CVE-2013-6052
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors.

• CVE-2013-6054
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.

Solution: 

Update packages.

CVEs: 
CVE-2013-1447
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
CVE-2013-6045
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-6052
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
CVE-2013-6054
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.


Additional Info: 

N/A

Download: 

SRPMS
  1. openjpeg-1.3-10.AXS4.src.rpm
    MD5: 250279dbc675c265adf57c0a138e4cd8
    SHA-256: 5c6fc2db520e054014332897ac51cc79cbde2db50bd7e421a75619424fd3e5b7
    Size: 0.98 MB

Asianux Server 4 for x86
  1. openjpeg-libs-1.3-10.AXS4.i686.rpm
    MD5: fc1db33578d193a91812cfb2a7061be2
    SHA-256: f839edaade6ce07051afd73aa430a840d9d4f9e912deca69b043ec5d16405705
    Size: 59.57 kB

Asianux Server 4 for x86_64
  1. openjpeg-libs-1.3-10.AXS4.x86_64.rpm
    MD5: 0f135068e951df85ae69349224538067
    SHA-256: 7267e21ec34c6974cbee5a6b7396cde638cd25ab7e3ab3bffce37b3c20adcebf
    Size: 59.47 kB
  2. openjpeg-libs-1.3-10.AXS4.i686.rpm
    MD5: fc1db33578d193a91812cfb2a7061be2
    SHA-256: f839edaade6ce07051afd73aa430a840d9d4f9e912deca69b043ec5d16405705
    Size: 59.57 kB