[ubuntu/plucky-proposed] openjpeg2 2.5.0-2ubuntu2 (Accepted)

Bruce Cable bruce.cable at canonical.com
Wed Nov 27 00:22:15 UTC 2024 

openjpeg2 (2.5.0-2ubuntu2) plucky; urgency=medium

  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2021-3575.patch: opj_decompress: fix off-by-one
      read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd
    - CVE-2021-3575

Date: Wed, 27 Nov 2024 09:53:43 +1100
Changed-By: Bruce Cable <bruce.cable at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/openjpeg2/2.5.0-2ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 27 Nov 2024 09:53:43 +1100
Source: openjpeg2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.5.0-2ubuntu2
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Bruce Cable <bruce.cable at canonical.com>
Changes:
 openjpeg2 (2.5.0-2ubuntu2) plucky; urgency=medium
 .
   * SECURITY UPDATE: heap buffer overflow
     - debian/patches/CVE-2021-3575.patch: opj_decompress: fix off-by-one
       read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd
     - CVE-2021-3575
Checksums-Sha1:
 3dc90367d5ed2cdc66c9314888a9eab951217e46 2472 openjpeg2_2.5.0-2ubuntu2.dsc
 91c6a03563ab48bc243322f7924d627c1f6e8bae 19036 openjpeg2_2.5.0-2ubuntu2.debian.tar.xz
 0eae5409b84b2a01da1b4e56c69e829061629f65 10032 openjpeg2_2.5.0-2ubuntu2_source.buildinfo
Checksums-Sha256:
 a795ab809bbd86d9617732d0990455b104c3e38949e618fb5cc2699d20fedd2c 2472 openjpeg2_2.5.0-2ubuntu2.dsc
 7a2b47a2e5e4d58975aed0876a56001496868032a4b4672f83a854fd9a835565 19036 openjpeg2_2.5.0-2ubuntu2.debian.tar.xz
 5732f6ad49614702b1af3b9bad0f0630b6b1b9d100ef2e838a58e2d306128ddd 10032 openjpeg2_2.5.0-2ubuntu2_source.buildinfo
Files:
 c8bd7f525590f08f6668e995edb02ad1 2472 libs optional openjpeg2_2.5.0-2ubuntu2.dsc
 2fdee6f04c598f0363ad4d86c7edc388 19036 libs optional openjpeg2_2.5.0-2ubuntu2.debian.tar.xz
 6149bbf82e5a66b22ec6500759449494 10032 libs optional openjpeg2_2.5.0-2ubuntu2_source.buildinfo
Original-Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel at lists.alioth.debian.org>

More information about the plucky-changes mailing list