[Pkg-phototools-devel] Bug#800149: openjpeg2: Use-after-free in opj_j2k_write_mco

Salvatore Bonaccorso carnil at debian.org
Fri May 13 04:40:25 UTC 2016


Control: retitle -1 openjpeg2: CVE-2015-8871: Use-after-free in opj_j2k_write_mco

Hi,

On Sun, Sep 27, 2015 at 01:54:25PM +0200, Salvatore Bonaccorso wrote:
> Source: openjpeg2
> Version: 2.1.0-2
> Severity: important
> Tags: security upstream patch fixed-upstream
> Forwarded: https://github.com/uclouvain/openjpeg/issues/563
> 
> Hi
> 
> A use-after-free vulnerability was found in openjpeg2, see
> http://www.openwall.com/lists/oss-security/2015/09/15/4 for the
> corresponding CVE request (no CVE assigned so far).
> 
> Upstream issue: https://github.com/uclouvain/openjpeg/issues/563

This issue has been assigned CVE-2015-8871.

Regards,
Salvatore



More information about the Pkg-phototools-devel mailing list