{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Backport patches for CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845, CVE-2020-6851, CVE-2020-8112.\n\n----\n\nThis update fixes an incorrect unbundling of third-party libraries which resulted in the corresponding system libraries also not being used.", "type": "security", "status": "unpushed", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2020-12-17 16:26:10", "date_modified": null, "date_approved": null, "date_testing": "2020-12-18 01:30:26", "date_stable": null, "alias": "FEDORA-EPEL-2020-4a9fc09599", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2020-12-18 01:30:26", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-EPEL-2020-4a9fc09599", "title": "openjpeg2-2.3.1-10.el7", "version_hash": "fbfcd47e6c139d25d74df0a19e7faf7827abe7f9", "release": {"name": "EPEL-7", "long_name": "Fedora EPEL 7", "version": "7", "id_prefix": "FEDORA-EPEL", "branch": "epel7", "dist_tag": "epel7", "stable_tag": "epel7", "testing_tag": "epel7-testing", "candidate_tag": "epel7-testing-candidate", "pending_signing_tag": "epel7-signing-pending", "pending_testing_tag": "epel7-testing-pending", "pending_stable_tag": "epel7-pending", "override_tag": "epel7-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "smani", "email": "manisandro@gmail.com", "id": 117, "avatar": "https://seccdn.libravatar.org/avatar/30146b3eb0f2f15ffe42bd8fcd8a1fef46a4ce6a2025fb7052caaa089ce2e0cd?s=24&d=retro", "openid": "smani.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by smani. ", "timestamp": "2020-12-17 16:26:11", "update_id": 265949, "user_id": 91, "id": 1780253, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-12-17 16:26:11", "update_id": 265949, "user_id": 91, "id": 1780254, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2020-12-17 16:26:11", "update_id": 265949, "user_id": 91, "id": 1780255, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has obsoleted [openjpeg2-2.3.1-3.el7](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-25341976b7), and has inherited its bugs and notes.", "timestamp": "2020-12-17 16:26:11", "update_id": 265949, "user_id": 91, "id": 1780257, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-12-17 17:02:48", "update_id": 265949, "user_id": 91, "id": 1780310, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-12-18 01:31:00", "update_id": 265949, "user_id": 91, "id": 1780933, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "bug_feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1757822, "bug": {"bug_id": 1757822, "title": "opj2_compress/opj2_decompress don't work with png/tiff images", "security": false, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1790515, "bug": {"bug_id": 1790515, "title": "CVE-2020-6851 openjpeg2: openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1800537, "bug": {"bug_id": 1800537, "title": "CVE-2020-8112 openjpeg2: openjpeg: heap based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1901999, "bug": {"bug_id": 1901999, "title": "CVE-2020-27814 openjpeg2: openjpeg: Heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1905726, "bug": {"bug_id": 1905726, "title": "CVE-2020-27824 openjpeg2: openjpeg: global-buffer-overflow read in lib-openjp2 [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1906219, "bug": {"bug_id": 1906219, "title": "CVE-2020-27823 openjpeg2: openjpeg: Heap-buffer-overflow write in lib-openjp2 [epel-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1907672, "bug": {"bug_id": 1907672, "title": "CVE-2020-27841 openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [epel-7]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1907679, "bug": {"bug_id": 1907679, "title": "CVE-2020-27842 openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [epel-7]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1907685, "bug": {"bug_id": 1907685, "title": "CVE-2020-27843 openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [epel-7]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1907700, "bug": {"bug_id": 1907700, "title": "CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [epel-7]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1907702, "bug": {"bug_id": 1907702, "title": "CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 91, "id": 1781380, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2021-01-01 01:32:43", "update_id": 265949, "user_id": 91, "id": 1796135, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been unpushed.", "timestamp": "2021-02-21 16:04:09", "update_id": 265949, "user_id": 174, "id": 1898664, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "hobbes1069", "email": "hobbes1069@gmail.com", "id": 174, "avatar": "https://seccdn.libravatar.org/avatar/d46bee4659f1a3c55b116ac575aa0e319e583e5cc56bea70f12a4f5fe4350365?s=24&d=retro", "openid": "hobbes1069.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}], "builds": [{"nvr": "openjpeg2-2.3.1-10.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1757822, "title": "opj2_compress/opj2_decompress don't work with png/tiff images", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 1066960, "bug_id": 1757822, "comment": {"karma": 1, "karma_critpath": 1, "text": "", "timestamp": "2019-10-02 14:29:33", "update_id": 158245, "user_id": 970, "id": 1066960, "testcase_feedback": [], "user": {"name": "nforro", "email": "nforro@redhat.com", "id": 970, "avatar": "https://seccdn.libravatar.org/avatar/c0a1b276101723475a0d713e0f2a26a75b86db21d698fd3be9aa83b0eab37e45?s=24&d=retro", "openid": "nforro.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1068102, "bug_id": 1757822, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2019-10-03 05:36:06", "update_id": 158246, "user_id": 284, "id": 1068102, "testcase_feedback": [], "user": {"name": "cairo", "email": "hansmueller183@yahoo.com", "id": 284, "avatar": "https://seccdn.libravatar.org/avatar/65ac01c684e76450d8575348b4894728e9c69ffdbd7c08718a4156e8e0daf5b6?s=24&d=retro", "openid": "cairo.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1079821, "bug_id": 1757822, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me. No regressions noted compared to previous version.", "timestamp": "2019-10-04 08:52:50", "update_id": 158246, "user_id": 308, "id": 1079821, "testcase_feedback": [], "user": {"name": "chr77", "email": "chr77@protonmail.com", "id": 308, "avatar": "https://seccdn.libravatar.org/avatar/c9ddae9d692ab2ea6cecd787db18332407bb29982c8a1eae39771bfb270b71fd?s=24&d=retro", "openid": "chr77.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": -1, "comment_id": 1081861, "bug_id": 1757822, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-1.el7 is in rhel7. Please retire package in epel7.", "timestamp": "2019-10-05 10:52:45", "update_id": 158247, "user_id": 4048, "id": 1081861, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1084539, "bug_id": 1757822, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2019-10-06 17:58:48", "update_id": 158246, "user_id": 506, "id": 1084539, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 1781379, "bug_id": 1757822, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}]}, {"bug_id": 1790515, "title": "CVE-2020-6851 openjpeg2: openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1790515, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1790515, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1790515, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1790515, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1800537, "title": "CVE-2020-8112 openjpeg2: openjpeg: heap based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1800537, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1800537, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1800537, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1800537, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1901999, "title": "CVE-2020-27814 openjpeg2: openjpeg: Heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1901999, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1901999, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1901999, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1901999, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1905726, "title": "CVE-2020-27824 openjpeg2: openjpeg: global-buffer-overflow read in lib-openjp2 [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1905726, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1905726, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1905726, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1905726, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1906219, "title": "CVE-2020-27823 openjpeg2: openjpeg: Heap-buffer-overflow write in lib-openjp2 [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1906219, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1906219, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1906219, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1906219, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1907672, "title": "CVE-2020-27841 openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [epel-7]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1907672, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1907672, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1907672, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1907672, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1907679, "title": "CVE-2020-27842 openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [epel-7]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1907679, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1907679, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1907679, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1907679, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1907685, "title": "CVE-2020-27843 openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [epel-7]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1907685, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1907685, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1907685, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1907685, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1907700, "title": "CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [epel-7]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1907700, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046893, "bug_id": 1907700, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-28 11:29:20", "update_id": 308770, "user_id": 4048, "id": 2046893, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2046892, "bug_id": 1907700, "comment": {"karma": 0, "karma_critpath": 0, "text": "This is rhel7 core package. Please retire this package.", "timestamp": "2021-05-28 11:29:12", "update_id": 308770, "user_id": 4048, "id": 2046892, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2180702, "bug_id": 1907700, "comment": {"karma": 0, "karma_critpath": 0, "text": "Retiring package from EPEL7.\nUnpushing this update.", "timestamp": "2021-08-23 13:31:33", "update_id": 308770, "user_id": 233, "id": 2180702, "testcase_feedback": [], "user": {"name": "tdawson", "email": "tdawson@redhat.com", "id": 233, "avatar": "https://seccdn.libravatar.org/avatar/e0034d87af3e72eecdfa3848707ecc6cc2339078b68d48c05dbaf7e20bf477b2?s=24&d=retro", "openid": "tdawson.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "provenpackager"}, {"name": "kde-sig"}, {"name": "packager"}, {"name": "eln-sig"}, {"name": "iot"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "sig-atomic"}, {"name": "ipausers"}, {"name": "modularity-wg"}, {"name": "aws-min"}, {"name": "sig-paas"}, {"name": "epel-wranglers"}, {"name": "fedora-contributor"}, {"name": "centosproject-email-aliases"}, {"name": "epel-cabal"}, {"name": "sig-altimages"}, {"name": "gitlab-centos-sig-altimages"}, {"name": "gitlab-centos-sig-isa"}, {"name": "sig-isa"}, {"name": "sig-extras"}, {"name": "sig-docs"}, {"name": "trust admins"}, {"name": "multimedia-sig"}]}}}]}, {"bug_id": 1907702, "title": "CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1781379, "bug_id": 1907702, "comment": {"karma": -1, "karma_critpath": 0, "text": "openjpeg2-2.3.1-3.el7_7 is in rhel7. Please remove this package from epel7. Unfixed issues can only be fixed in rhel7 and this package must be removed from epel7.", "timestamp": "2020-12-18 11:38:05", "update_id": 265949, "user_id": 4048, "id": 1781379, "testcase_feedback": [], "user": {"name": "tis", "email": "tis@foobar.fi", "id": 4048, "avatar": "https://seccdn.libravatar.org/avatar/3536202e18966e4fbfbcc6d646b90ee7f4e8f68f355b0f421d9780ef623d59c1?s=24&d=retro", "openid": "tis.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1787004, "bug_id": 1907702, "comment": {"karma": 1, "karma_critpath": 0, "text": "No regressions detected", "timestamp": "2020-12-23 06:27:04", "update_id": 265942, "user_id": 195, "id": 1787004, "testcase_feedback": [], "user": {"name": "norenh", "email": "henning.noren@gmail.com", "id": 195, "avatar": "https://seccdn.libravatar.org/avatar/e57ad00f606591e7f7c5111fc78a01018ddc51bd5b69317fac31089fd8bda51f?s=24&d=retro", "openid": "norenh.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1795437, "bug_id": 1907702, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-12-31 08:35:55", "update_id": 265942, "user_id": 5696, "id": 1795437, "testcase_feedback": [], "user": {"name": "thebiginfinity", "email": "print_hello_world+fas@protonmail.com", "id": 5696, "avatar": "https://seccdn.libravatar.org/avatar/70a1f4009b541bad37d7be03eb560cce5610935a02d0946cb491d8e0aa7d1865?s=24&d=retro", "openid": "thebiginfinity.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 1817886, "bug_id": 1907702, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-01-14 12:32:33", "update_id": 265942, "user_id": 5881, "id": 1817886, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.stg.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}], "updateid": "FEDORA-EPEL-2020-4a9fc09599", "karma": -1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}