Описание
Security update for openjpeg2
This update for openjpeg2 fixes the following issues:
Security issue fixed:
- CVE-2016-1923: Fixed anout of bounds read int opj_j2k_update_image_data() and opj_tgt_reset () (bsc#962522).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP4
libopenjp2-7-2.1.0-4.12.2
SUSE Linux Enterprise Server 12 SP4
libopenjp2-7-2.1.0-4.12.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libopenjp2-7-2.1.0-4.12.2
Ссылки
- Link for SUSE-SU-2019:2152-1
- E-Mail link for SUSE-SU-2019:2152-1
- SUSE Security Ratings
- SUSE Bug 962522
- SUSE CVE CVE-2016-1923 page
Описание
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:libopenjp2-7-2.1.0-4.12.2
SUSE Linux Enterprise Server 12 SP4:libopenjp2-7-2.1.0-4.12.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4:libopenjp2-7-2.1.0-4.12.2
Ссылки
- CVE-2016-1923
- SUSE Bug 962522
- SUSE Bug 980504