Описание
ELSA-2017-0559: openjpeg security update (MODERATE)
[1.3-16]
- Revert previous changes in patch for CVE-2016-5159
- Fix double free in patch for CVE-2016-5139
- Fix memory leaks and invalid read in cio_bytein Related: #1419775
[1.3-15]
- Add two more allocation checks to patch for CVE-2016-5159 Related: #1419775
[1.3-14]
- Add patches for CVE-2016-5139, CVE-2016-5158, CVE-2016-5159 Related: #1419775
[1.3-13]
- Fix patch name: CVE-2016-9675 => CVE-2016-7163 Related: #1419775
[1.3-12]
- Add patch for CVE-2016-9675
- Fix Coverity issues Resolves: #1419775
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
openjpeg
1.3-16.el6_8
openjpeg-devel
1.3-16.el6_8
openjpeg-libs
1.3-16.el6_8
Oracle Linux i686
openjpeg
1.3-16.el6_8
openjpeg-devel
1.3-16.el6_8
openjpeg-libs
1.3-16.el6_8
Oracle Linux sparc64
openjpeg
1.3-16.el6_8
openjpeg-devel
1.3-16.el6_8
openjpeg-libs
1.3-16.el6_8
Ссылки на источники
Связанные уязвимости
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Ch ...