This update backports patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845.


This update backports patches for CVE-2020-27824 and CVE-2020-27823.


Backport patch for CVE-2020-27814.

How to install

sudo dnf upgrade --advisory=FEDORA-2020-d32853a28d

This update has been submitted for testing by smani.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update has obsoleted mingw-openjpeg2-2.3.1-10.fc32, and has inherited its bugs and notes.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon norenh commented & provided feedback 10 months ago
karma

No regressions detected

karma

This update can be pushed to stable now if the maintainer wishes

10 months ago
karma

This update has been submitted for stable by bodhi.

9 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago
BZ#1902000 CVE-2020-27814 openjpeg2: openjpeg: Heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS [fedora-all]
0
0
BZ#1902001 CVE-2020-27814 mingw-openjpeg2: openjpeg: Heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS [fedora-all]
0
0
BZ#1905725 CVE-2020-27824 openjpeg2: openjpeg: global-buffer-overflow read in lib-openjp2 [fedora-all]
0
0
BZ#1906220 CVE-2020-27823 openjpeg2: openjpeg: Heap-buffer-overflow write in lib-openjp2 [fedora-all]
0
0
BZ#1907674 CVE-2020-27841 openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [fedora-all]
0
0
BZ#1907675 CVE-2020-27841 mingw-openjpeg2: openjpeg: heap-based buffer overflows in lib/openjp2/pi.c [fedora-all]
0
0
BZ#1907681 CVE-2020-27842 openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [fedora-all]
0
0
BZ#1907682 CVE-2020-27842 mingw-openjpeg2: openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c [fedora-all]
0
0
BZ#1907686 CVE-2020-27843 openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [fedora-all]
0
0
BZ#1907688 CVE-2020-27843 mingw-openjpeg2: openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c [fedora-all]
0
0
BZ#1907702 CVE-2020-27845 openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]
0
0
BZ#1907703 CVE-2020-27845 mingw-openjpeg2: openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c [fedora-all]
0
0

Automated Test Results