FEDORA-2018-200c84e08a — security update for mingw-openjpeg2 and openjpeg2

stable

mingw-openjpeg2-2.3.0-6.fc28 and openjpeg2-2.3.0-10.fc28

FEDORA-2018-200c84e08a created by smani 4 years ago for Fedora 28

This update fixes CVE-2018-18088 and CVE-2018-6616

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2018-200c84e08a

This update has been submitted for testing by smani.

4 years ago

This update has been pushed to testing.

4 years ago

samoht0 commented & provided feedback 4 years ago

karma

no regressions noted

hreindl commented & provided feedback 4 years ago

karma

works for me

This update has been submitted for batched by smani.

4 years ago

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

ignored

Builds

mingw-openjpeg2-2.3.0-6.fc28

openjpeg2-2.3.0-10.fc28

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

4 years ago

in testing

4 years ago

in stable

4 years ago

BZ#1542321 CVE-2018-6616 openjpeg2: Excessive iteration in openjp2/t1.c:opj_t1_encode_cblks can allow for denial of service via crafted BMP file

BZ#1542323 CVE-2018-6616 openjpeg2: Excessive iteration in openjp2/t1.c:opj_t1_encode_cblks can allow for denial of service via crafted BMP file [fedora-all]

BZ#1638558 CVE-2018-18088 openjpeg2: NULL pointer dereference in the imagetopnm function of jp2/convert.c

BZ#1638559 CVE-2018-18088 openjpeg2: NULL pointer dereference in the imagetopnm function of jp2/convert.c [fedora-all]

BZ#1638560 CVE-2018-18088 mingw-openjpeg2: openjpeg2: NULL pointer dereference in the imagetopnm function of jp2/convert.c [fedora-all]

mingw-openjpeg2-2.3.0-6.fc28

openjpeg2-2.3.0-10.fc28

Automated Test Results

ignored