ELSA-2021-4251

Опубликовано: 16 нояб. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-4251: openjpeg2 security update (MODERATE)

[2.4.0-4]

Fix Covscan defect

[2.4.0-3]

Fix CVE-2021-3575 (#1969279)
Fix resource leak identified by Covscan

[2.4.0-2]

Fix CVE-2021-29338 (#1951332)

[2.4.0-1]

Rebase to 2.4.0
Resolves: CVE-2018-5727 (#1538467)
Resolves: CVE-2018-5785 (#1538556)
Resolves: CVE-2018-20845 (#1730679)
Resolves: CVE-2018-20847 (#1734337)
Resolves: CVE-2019-12973 (#1739076)
Resolves: CVE-2020-15389 (#1855115)
Resolves: CVE-2020-27814 (#1908965)
Resolves: CVE-2020-27823 (#1906222)
Resolves: CVE-2020-27824 (#1906216)
Resolves: CVE-2020-27842 (#1908165)
Resolves: CVE-2020-27843 (#1908164)
Resolves: CVE-2020-27845 (#1908168)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

openjpeg2

2.4.0-4.el8

openjpeg2-devel

2.4.0-4.el8

openjpeg2-devel-docs

2.4.0-4.el8

openjpeg2-tools

2.4.0-4.el8

Oracle Linux x86_64

openjpeg2

2.4.0-4.el8

openjpeg2-devel

2.4.0-4.el8

openjpeg2-devel-docs

2.4.0-4.el8

openjpeg2-tools

2.4.0-4.el8

Связанные CVE

Ссылки на источники

Связанные уязвимости

RLSA-2021:4251

rocky

больше 3 лет назад

Moderate: openjpeg2 security update

SUSE-SU-2022:1252-1

suse-cvrf

около 3 лет назад

Security update for openjpeg2

CVE-2018-5727

CVSS3: 6.5

ubuntu

больше 7 лет назад

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

CVE-2018-5727

CVSS3: 4.3

redhat

больше 7 лет назад

CVE-2018-5727

CVSS3: 6.5

nvd

больше 7 лет назад