Debian Security Advisory

DSA-4882-1 openjpeg2 -- security update

Date Reported:
01 Apr 2021
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2020-6851, CVE-2020-8112, CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845.
More information:

Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.

For the stable distribution (buster), these problems have been fixed in version 2.3.0-2+deb10u2.

We recommend that you upgrade your openjpeg2 packages.

For the detailed security status of openjpeg2 please refer to its security tracker page at: