Bug#1110686: bookworm-pu: package openjpeg2/2.5.0-2+deb12u2

Adrian Bunk bunk at debian.org
Sun Aug 10 04:27:23 BST 2025


Package: release.debian.org
Severity: normal
Tags: bookworm, moreinfo
X-Debbugs-Cc: openjpeg2 at packages.debian.org, security at debian.org
Control: affects -1 + src:openjpeg2
User: release.debian.org at packages.debian.org
Usertags: pu

  * CVE-2025-50952: Avoid potential undefined behaviour
    in opj_dwt_decode_tile()

Tagged moreinfo, as question to the security team whether they want
this in pu or as DSA.
-------------- next part --------------
diffstat for openjpeg2-2.5.0 openjpeg2-2.5.0

 changelog                                                               |    8 ++
 patches/0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch |   28 ++++++++++
 patches/series                                                          |    1 
 3 files changed, 37 insertions(+)

diff -Nru openjpeg2-2.5.0/debian/changelog openjpeg2-2.5.0/debian/changelog
--- openjpeg2-2.5.0/debian/changelog	2025-01-24 18:41:23.000000000 +0200
+++ openjpeg2-2.5.0/debian/changelog	2025-08-10 03:05:29.000000000 +0300
@@ -1,3 +1,11 @@
+openjpeg2 (2.5.0-2+deb12u2) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2025-50952: Avoid potential undefined behaviour
+    in opj_dwt_decode_tile()
+
+ -- Adrian Bunk <bunk at debian.org>  Sun, 10 Aug 2025 03:05:29 +0300
+
 openjpeg2 (2.5.0-2+deb12u1) bookworm-security; urgency=medium
 
   * CVE-2021-3575 (Closes: #989775)
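
Review bot: The distribution in the new stanza header is bookworm, which fits a point-release upload but not a DSA. The cover mail leaves the pu-versus-DSA question open, so if the security team takes this the field has to become bookworm-security, as in the 2.5.0-2+deb12u1 stanza below it. The bullet also names only the CVE; naming the patch file and upstream issue #1505 there would let a reader map the entry to the change without opening debian/patches.
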
diff -Nru openjpeg2-2.5.0/debian/patches/0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch openjpeg2-2.5.0/debian/patches/0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch
--- openjpeg2-2.5.0/debian/patches/0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch	1970-01-01 02:00:00.000000000 +0200
+++ openjpeg2-2.5.0/debian/patches/0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch	2025-08-10 03:05:04.000000000 +0300
@@ -0,0 +1,28 @@
+From d4ac96d6460a9f4cc4519dbfcc7da6ad385bbe58 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault at spatialys.com>
+Date: Sun, 18 Feb 2024 17:17:00 +0100
+Subject: opj_dwt_decode_tile(): avoid potential UndefinedBehaviorSanitizer
+ 'applying zero offset to null pointer' (fixes #1505)
+
+---
+ src/lib/openjp2/dwt.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/openjp2/dwt.c b/src/lib/openjp2/dwt.c
+index abc500ec..6b18c5dd 100644
+--- a/src/lib/openjp2/dwt.c
++++ b/src/lib/openjp2/dwt.c
+@@ -2083,7 +2083,9 @@ static OPJ_BOOL opj_dwt_decode_tile(opj_thread_pool_t* tp,
+     OPJ_SIZE_T h_mem_size;
+     int num_threads;
+ 
+-    if (numres == 1U) {
++    /* Not entirely sure for the return code of w == 0 which is triggered per */
++    /* https://github.com/uclouvain/openjpeg/issues/1505 */
++    if (numres == 1U || w == 0) {
+         return OPJ_TRUE;
+     }
+     num_threads = opj_thread_pool_get_thread_count(tp);
+-- 
+2.30.2
+
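
Review bot: The widened guard `if (numres == 1U || w == 0)` returns OPJ_TRUE for a zero-width tile, and the comment added directly above it says the author is not sure that is the right return code, so the backport reports success on the input from issue #1505 without stating why that is safe for callers. Before this goes into stable it is worth confirming that a success return with no transform performed is what callers of opj_dwt_decode_tile() expect for w == 0, and recording that in the patch header. The header itself carries only the git From/Date/Subject lines; adding DEP-3 Origin and Bug fields pointing at upstream commit d4ac96d6460a9f4cc4519dbfcc7da6ad385bbe58 and the issue URL already quoted in the comment, plus a note on whether the upstream change was applied unmodified, would make the backport auditable. Only w is tested in the new condition; if a zero height can reach the same code, the visible lines do not cover it.
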
diff -Nru openjpeg2-2.5.0/debian/patches/series openjpeg2-2.5.0/debian/patches/series
--- openjpeg2-2.5.0/debian/patches/series	2025-01-24 18:17:00.000000000 +0200
+++ openjpeg2-2.5.0/debian/patches/series	2025-08-10 03:05:29.000000000 +0300
@@ -4,3 +4,4 @@
 CVE-2023-39327.patch
 CVE-2024-56826.patch
 CVE-2024-56827.patch
+0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch
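
Review bot: The new series entry keeps the truncated git format-patch name (0001-opj_dwt_decode_tile-avoid-potential-UndefinedBehavio.patch) while the three context lines above it follow the CVE-YYYY-NNNN.patch convention. Renaming the file to CVE-2025-50952.patch would keep the series consistent and make the fix findable by CVE id; the rename has to be applied to the file under debian/patches as well as to this line.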

