Scientific Linux alert SLSA-2020:0262-1 (openjpeg2)


From:
               Farhan Ahmed <fahmed@fnal.gov> 
To:
               scientific-linux-errata@listserv.fnal.gov 
Subject:
               Security ERRATA Important: openjpeg2 on SL7.x x86_64 
Date:
               Thu, 30 Jan 2020 13:41:11 -0000
Message-ID:
               <20200130134111.25658.21420@slpackages.fnal.gov>
Synopsis:          Important: openjpeg2 security update
Advisory ID:       SLSA-2020:0262-1
Issue Date:        2020-01-28
CVE Numbers:       None
--

Security Fix(es):

* openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()
(CVE-2020-6851)

--

SL7
  x86_64
    openjpeg2-2.3.1-2.el7_7.i686.rpm
    openjpeg2-2.3.1-2.el7_7.x86_64.rpm
    openjpeg2-debuginfo-2.3.1-2.el7_7.i686.rpm
    openjpeg2-debuginfo-2.3.1-2.el7_7.x86_64.rpm
    openjpeg2-devel-2.3.1-2.el7_7.i686.rpm
    openjpeg2-devel-2.3.1-2.el7_7.x86_64.rpm
    openjpeg2-tools-2.3.1-2.el7_7.i686.rpm
    openjpeg2-tools-2.3.1-2.el7_7.x86_64.rpm
  noarch
    openjpeg2-devel-docs-2.3.1-2.el7_7.noarch.rpm

- Scientific Linux Development Team

From:		Farhan Ahmed <fahmed@fnal.gov>
To:		scientific-linux-errata@listserv.fnal.gov
Subject:		Security ERRATA Important: openjpeg2 on SL7.x x86_64
Date:		Thu, 30 Jan 2020 13:41:11 -0000
Message-ID:		<20200130134111.25658.21420@slpackages.fnal.gov>