FEDORA-2017-5a3cd21cee created by smani 4 years ago for Fedora 26
stable

This update fixes CVE-2017-14040, CVE-2017-14041 and two other security vulnerabilities.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-5a3cd21cee

This update has been submitted for testing by smani.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon besser82 commented & provided feedback 4 years ago
karma

Works great! LGTM! =)

User Icon cserpentis commented & provided feedback 4 years ago
karma

works for me

User Icon jonathancalloway commented & provided feedback 4 years ago
karma

No regressions noted.

BZ#1487390 CVE-2017-14151 openjpeg: Heap-based buffer overflow in opj_mqc_flush in mqc.c
BZ#1487389 CVE-2017-14152 openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c
BZ#1487361 CVE-2017-14040 openjpeg: Invalid write access in bin/jp2/convert.c
BZ#1487347 CVE-2017-14041 openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c
BZ#1487394 CVE-2017-14151 CVE-2017-14152 openjpeg2: various flaws [fedora-all]
BZ#1487364 CVE-2017-14040 CVE-2017-14041 openjpeg2: various flaws [fedora-all]

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1487347 CVE-2017-14041 openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c
0
1
BZ#1487361 CVE-2017-14040 openjpeg: Invalid write access in bin/jp2/convert.c
0
1
BZ#1487364 CVE-2017-14040 CVE-2017-14041 openjpeg2: various flaws [fedora-all]
0
1
BZ#1487389 CVE-2017-14152 openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c
0
1
BZ#1487390 CVE-2017-14151 openjpeg: Heap-based buffer overflow in opj_mqc_flush in mqc.c
0
1
BZ#1487394 CVE-2017-14151 CVE-2017-14152 openjpeg2: various flaws [fedora-all]
0
1

Automated Test Results