[Pkg-phototools-devel] Bug#743372: openjpeg: CVE-2014-0158: Heap-based buffer overflow in JPEG2000 image tile decoder
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 2 07:33:26 UTC 2014
Source: openjpeg
Severity: grave
Tags: security upstream
Hi,
the following vulnerability was published for openjpeg.
CVE-2014-0158[0]:
Heap-based buffer overflow in JPEG2000 image tile decoder
More information are on the Red Hat bugzilla[1].
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0158
https://security-tracker.debian.org/tracker/CVE-2014-0158
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1082925
Please adjust the affected versions in the BTS as needed. I only
quickly checked unstable which seems to apply. Could you check if
oldstable and stable are also affected by this problem?
Regards,
Salvatore
More information about the Pkg-phototools-devel
mailing list