Security Information / 2021 / Security Information -- DSA-4882-1 openjpeg2

Debian Security Advisory

DSA-4882-1 openjpeg2 -- security update

Date Reported:

01 Apr 2021

Affected Packages:

openjpeg2

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2020-6851, CVE-2020-8112, CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845.

More information:

Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.

For the stable distribution (buster), these problems have been fixed in version 2.3.0-2+deb10u2.

We recommend that you upgrade your openjpeg2 packages.

For the detailed security status of openjpeg2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjpeg2