openjpeg-1.3-16.AXS4
エラータID: AXSA:2017-1347:01
OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been
developed in order to promote the use of JPEG 2000, the new still-image
compression standard from the Joint Photographic Experts Group (JPEG).
Security issues fixed with this release:
CVE-2016-5139
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c
in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116,
allow remote attackers to cause a denial of service (heap-based buffer
overflow) or possibly have unspecified other impact via crafted JPEG
2000 data.
CVE-2016-5158
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c
in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on
Windows and OS X and before 53.0.2785.92 on Linux, allow remote
attackers to cause a denial of service (heap-based buffer overflow) or
possibly have unspecified other impact via crafted JPEG 2000 data.
CVE-2016-5159
Multiple integer overflows in OpenJPEG, as used in PDFium in Google
Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92
on Linux, allow remote attackers to cause a denial of service
(heap-based buffer overflow) or possibly have unspecified other impact
via crafted JPEG 2000 data that is mishandled during
opj_aligned_malloc calls in dwt.c and t1.c.
CVE-2016-7163
Integer overflow in the opj_pi_create_decode function in pi.c in
OpenJPEG allows remote attackers to execute arbitrary code via a
crafted JP2 file, which triggers an out-of-bounds read or write.
CVE-2016-9675
openjpeg: A heap-based buffer overflow flaw was found in the patch for
CVE-2013-6045. A crafted j2k image could cause the application to
crash, or potentially execute arbitrary code.
Update package.
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
N/A
SRPMS
- openjpeg-1.3-16.AXS4.src.rpm
MD5: abcebb5f74a1880efceacbd6ea37927e
SHA-256: 1cbe0f48fe898a44c709614e273cb5580168d77b1b51f378fe2d9e38caad12f3
Size: 0.99 MB
Asianux Server 4 for x86
- openjpeg-libs-1.3-16.AXS4.i686.rpm
MD5: 430c1da5866cc08fa5bbfe5389ffb108
SHA-256: 185f529f00ff30de40e67af8a28820e11bc00bcce2e18f621059e269c0b45b58
Size: 61.12 kB
Asianux Server 4 for x86_64
- openjpeg-libs-1.3-16.AXS4.x86_64.rpm
MD5: 81e8a2cc1680091fd7d3671c4a378ae0
SHA-256: a7d17a3c87fc3308b5aba71e533aabc5420f06d333b7d7cea92be4010910ab35
Size: 60.77 kB - openjpeg-libs-1.3-16.AXS4.i686.rpm
MD5: 430c1da5866cc08fa5bbfe5389ffb108
SHA-256: 185f529f00ff30de40e67af8a28820e11bc00bcce2e18f621059e269c0b45b58
Size: 61.12 kB