This update backports patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845.

How to install

sudo dnf upgrade --advisory=FEDORA-2020-3e00413763

This update has been submitted for testing by smani.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon pwalter commented & provided feedback 10 months ago
karma

Works

User Icon bojan commented & provided feedback 10 months ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

10 months ago
User Icon robbinespu commented & provided feedback 10 months ago
karma

LGTM

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
10 months ago
BZ#1907674 CVE-2020-27841 openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [fedora-all]
0
0
BZ#1907675 CVE-2020-27841 mingw-openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [fedora-all]
0
0
BZ#1907681 CVE-2020-27842 openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [fedora-all]
0
0
BZ#1907682 CVE-2020-27842 mingw-openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [fedora-all]
0
0
BZ#1907686 CVE-2020-27843 openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [fedora-all]
0
0
BZ#1907688 CVE-2020-27843 mingw-openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [fedora-all]
0
0
BZ#1907702 CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]
0
0
BZ#1907703 CVE-2020-27845 mingw-openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]
0
0

Automated Test Results