CVE-2016-9573

CVE-2016-9573 is an out-of-bounds read in OpenJPEG 2.1.2 (j2k_to_image tool). A crafted JPEG2000 file could crash the app or potentially disclose heap data. No exploitation details are provided in the documents. Remediation guidance across connected sources indicates upgrading OpenJPEG (e.g., to ...

Virtuozzo 7 : openjpeg / openjpeg-devel / openjpeg-libs (VZLSA-2017-0838)

An update for openjpeg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

EulerOS 2.0 SP1 : openjpeg (EulerOS-SA-2017-1088)

According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause...

CentOS Update for openjpeg CESA-2017:0838 centos7

Check the version of openjpeg SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882686";...

CentOS 7 : openjpeg (CESA-2017:0838)

An update for openjpeg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Scientific Linux Security Update : openjpeg on SL7.x x86_64 (20170322)

Security Fixes : - Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. CVE-2016-5139, CVE-2016-5158, CVE-2016-5159,...

Oracle Linux 7 : openjpeg (ELSA-2017-0838)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0838 advisory. - Revert previous changes in patch for CVE-2016-5159 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419772 - Fix CWE-825 errors ...

RHEL 7 : openjpeg (RHSA-2017:0838)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0838 advisory. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: Multiple integer overflow flaws,...

openjpeg security update

1.5.1-16 - Revert previous changes in patch for CVE-2016-5159 - Fix memory leaks Related: 1419772 1.5.1-15 - Add two more allocation checks to patch for CVE-2016-5159 Related: 1419772 1.5.1-14 - Fix CWE-825 errors in patch for CVE-2016-5158 Related: 1419772 1.5.1-13 - Add patches for CVE-2016-513...

[SECURITY] [DSA 3678-1] openjpeg2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3768-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 20, 2017 https://www.debian.org/security/faq -...

openSUSE Security Update : openjpeg2 (openSUSE-2017-120)

This update for openjpeg2 fixes the following issues : - CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm could lead to heap buffer overflow bsc1014543 - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infite loop bsc1014975 - CVE-2016-7445: NULL...

openSUSE Security Update : openjpeg2 (openSUSE-2017-101)

This update for openjpeg2 fixes the following issues : - CVE-2016-9114: NULL pointer Access in function imagetopnm of convert.c:1943jp2 could lead to crash bsc1007740 - CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.cjp2 bsc1007741 - CVE-2016-9580, CVE-2016-9581: Possible...

openSUSE Security Update : openjpeg2 (openSUSE-2017-108)

This update for openjpeg2 fixes the following issues : - CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm could lead to heap buffer overflow bsc1014543 - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infite loop bsc1014975 - CVE-2016-7445: NULL...

Fedora Update for mingw-openjpeg2 FEDORA-2016-52a1b18397

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mingw-openjpeg2 FEDORA-2016-89ee54c661

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : mingw-openjpeg2 (2016-52a1b18397)

This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean an...

Fedora 25 : mingw-openjpeg2 (2016-89ee54c661)

This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean an...

Fedora Update for openjpeg2 FEDORA-2016-0b80dcfe5a

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : openjpeg2 (2016-0b80dcfe5a)

This updates adds a patch to fix CVE-2016-9573 and CVE-2016-9572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...