* SECURITY UPDATE: Out-of-bound heap write possible resulting
in heap corruption and arbitrary code execution (lp: #1630702)
- debian/patches/CVE-2016-8332.patch: fix incrementing of
"l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc
in src/lib/openjp2/j2k.c.
- CVE-2016-8332
* SECURITY UPDATE: Integer overflow possible resulting in
arbitrary code execution via a crafted JP2 file,
triggering out-of-bound read or write (lp: #1630702)
- debian/patches/CVE-2016-7163.patch: fix an integer
overflow issue in function opj_pi_create_decode of
pi.c in src/lib/openjp2/pi.c.
- CVE-2016-7163
This bug was fixed in the package openjpeg2 - 2.1.0-2.1ubuntu0.1
--------------- 2.1ubuntu0. 1) xenial-security; urgency=medium
openjpeg2 (2.1.0-
* SECURITY UPDATE: Out-of-bound heap write possible resulting patches/ CVE-2016- 8332.patch: fix incrementing of l_tcp-> m_nb_mcc_ records" in opj_j2k_read_mcc openjp2/ j2k.c. patches/ CVE-2016- 7163.patch: fix an integer create_ decode of openjp2/ pi.c.
in heap corruption and arbitrary code execution (lp: #1630702)
- debian/
"
in src/lib/
- CVE-2016-8332
* SECURITY UPDATE: Integer overflow possible resulting in
arbitrary code execution via a crafted JP2 file,
triggering out-of-bound read or write (lp: #1630702)
- debian/
overflow issue in function opj_pi_
pi.c in src/lib/
- CVE-2016-7163
-- Nikita Yerenkov-Scott <email address hidden> Sat, 08 Oct 2016 16:10:43 +0100