AOSA-2016-0034: Update OpenJPEG
December 9, 2016
Please update your openjpeg
package to version 2.1.2-1
.
Two vulnerabilities in OpenJPEG have just been disclosed:
- CVE-2016-9580 integer overflow in tiftoimage resulting into heap buffer overflow.
- CVE-2016-9581 infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1.
Relevant documentation: