Feist Josselin reports:
Use-after-free was found in openjpeg. The vuln is fixed in version 2.1.1 and was located in opj_j2k_write_mco function.
seclists.org/oss-sec/2015/q3/550
github.com/uclouvain/openjpeg/issues/563