Mehrere Probleme in OpenJPEG
ID: | USN-4880-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 16.04 LTS |
Datum: | Mi, 17. März 2021, 07:13 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824 |
Applikationen: | OpenJPEG |
Originalnachricht |
|
--===============5700369572501257370== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="omixb7calfokqhgl" Content-Disposition: inline --omixb7calfokqhgl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4880-1 March 16, 2021 openjpeg2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenJPEG. Software Description: - openjpeg2: JPEG 2000 image compression/decompression library Details: It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libopenjp2-7 2.1.2-1.1+deb9u6build0.16.04.1 libopenjp3d7 2.1.2-1.1+deb9u6build0.16.04.1 libopenjpip7 2.1.2-1.1+deb9u6build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4880-1 CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27845 Package Information: https://launchpad.net/ubuntu/+source/openjpeg2/2.1.2-1.1+deb9u6build0.16.04.1 --omixb7calfokqhgl Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAmBQmRsACgkQkGeI6zGn N//O2w//QgM7KH6Rr7wgd3WELIFNzvzmKVnDWiAuAN42htP4qNTrnLyCxCsBLnJ0 XMmsRC2l6F9UXuSZ06H2PUDVv6PrnIxEOxmTA0S//2VZ1RfwaDWsfZOp2AxPiPnw ZONMsBow7P/XyPOWeN6AFGtogfz39J78uNbmmmBSD1HW5l1/vZOsDB1CFkLCP41u znJ7xcqlVhKODo1ZMXOdaU4QSeu24T3+5jR8w8exhTgTZ6nHwo4C7tiKGCUQ6sr9 Sj05lX5/9J12iedx0GVdVlFzDXKp0VJqeH9EeXagzDmecOERFBrVA6fEDM6Rjqa+ ImzorHMV1n3s4g72Y9CI9MN8Hyvu8Kck5Q7M61rZpucqfNkrWnQ5DgYjAI/YiAf+ pT6JH2wm4Dt//TcTM+s34cVuBbBTodiuYYqDQzb5GdILAG7D8nwpjreTHIrFAm5g XwJ/oZWUe05aDhBKeHMNhYLtwtHAVgtn/nsdJFXjKtQRFJFuJIejJ3d4CX682942 sy92bthoaRPhpSQaQ4iMKduRuLqsphltUsWxcqE5F8l7/Un+8qIS9paSBNhN2SsI SlboReTzomuQt0suiNXf4GzVo3LkY7v32dL7jaQEpeNogJrndRG2L1oiNQpQXMQ5 pesWbb0+JZMZpe3c4Nuyr90Hi4HPaoy2YS6NCOm1bn0mLlf5YKM= =jhAa -----END PGP SIGNATURE----- --omixb7calfokqhgl-- --===============5700369572501257370== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |