<= Back

AOSA-2016-0034: Update OpenJPEG

December 9, 2016

Please update your openjpeg package to version 2.1.2-1.

Two vulnerabilities in OpenJPEG have just been disclosed:

  • CVE-2016-9580 integer overflow in tiftoimage resulting into heap buffer overflow.
  • CVE-2016-9581 infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1.

Relevant documentation:

Copyleft 2011–2024, Members of the Community   |   Site Language