You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa openjpeg2

Sigurnosni nedostaci programskog paketa openjpeg2

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-12-19 21:12:01.496015

Name : openjpeg2
Product : Fedora 25
Version : 2.1.2
Release : 3.fc25
Summary : C-Library for JPEG 2000
Description :
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
* JP2 (JPEG 2000 standard Part 2 – Handling of JP2 boxes and extended multiple
component transforms for multispectral and hyperspectral imagery)

Update Information:

This update fixes CVE-2016-9580 and CVE-2016-9581.

[ 1 ] Bug #1405128 – CVE-2016-9580 openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow
[ 2 ] Bug #1405135 – CVE-2016-9581 openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade openjpeg2’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorTomislav Protega
Cert idNCERT-REF-2016-12-0026-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa freeipa

Otkriveni su sigurnosni nedostaci u programskom paketu freeipa za Fedoru. Otkriveni nedostaci potencijalnim napadačima omogućuju izmjenu konfiguracije profila certifikata, a...