Debian Security Advisory
DSA-4882-1 openjpeg2 -- security update
- Date Reported:
- 01 Apr 2021
- Affected Packages:
- openjpeg2
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2020-6851, CVE-2020-8112, CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845.
- More information:
-
Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.
For the stable distribution (buster), these problems have been fixed in version 2.3.0-2+deb10u2.
We recommend that you upgrade your openjpeg2 packages.
For the detailed security status of openjpeg2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjpeg2