You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke openjpeg2

Sigurnosni nedostaci programske biblioteke openjpeg2

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-09-06 13:04:04.356831

Name : openjpeg2
Product : Fedora 26
Version : 2.2.0
Release : 3.fc26
Summary : C-Library for JPEG 2000
Description :
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
* JP2 (JPEG 2000 standard Part 2 – Handling of JP2 boxes and extended multiple
component transforms for multispectral and hyperspectral imagery)

Update Information:

This update fixes CVE-2017-14040, CVE-2017-14041 and two other security

[ 1 ] Bug #1487390 – CVE-2017-14151 openjpeg: Heap-based buffer overflow in opj_mqc_flush in mqc.c
[ 2 ] Bug #1487389 – CVE-2017-14152 openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c
[ 3 ] Bug #1487361 – CVE-2017-14040 openjpeg: Invalid write access in bin/jp2/convert.c
[ 4 ] Bug #1487347 – CVE-2017-14041 openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade openjpeg2’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-09-0041-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa bind

Otkriveni su sigurnosni nedostaci u programskom paketu bind za operacijski sustav HP-UX. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja...