Accepted openjpeg2 2.3.0-2 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 10 Mar 2019 18:34:51 +0100
Source: openjpeg2
Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools
Architecture: source
Version: 2.3.0-2
Distribution: unstable
Urgency: high
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Mathieu Malaterre <malat@debian.org>
Description:
libopenjp2-7 - JPEG 2000 image compression/decompression library
libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library
libopenjp2-tools - command-line tools using the JPEG 2000 library
libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library
libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar
libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol
libopenjpip-server - JPIP server for JPEG 2000 files
libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access
libopenjpip7 - JPEG 2000 Interactive Protocol
Closes: 884738 888533 889683 904873 910763
Changes:
openjpeg2 (2.3.0-2) unstable; urgency=high
.
[ Hugo Lefeuvre ]
* CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in
jp3d/convert.c (Closes: #884738).
* CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and
pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873).
* CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c
(Closes: #910763).
* CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the
opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533).
* CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of
openjp2/t1.c (Closes: #889683).
.
[ Mathieu Malaterre ]
* Add Hugo as Uploader
Checksums-Sha1:
26883ff0dfeb5e7e8fa32954a0ac04ad8b3a0ef0 2757 openjpeg2_2.3.0-2.dsc
c270a0b9ab31b9484c265fe0f7f5263ddbfdd68b 21040 openjpeg2_2.3.0-2.debian.tar.xz
775b0ffea7429fa7b8cf7fdb66e8a67b71c90c9a 15501 openjpeg2_2.3.0-2_source.buildinfo
Checksums-Sha256:
3b5e407cde75432d1a9bdd92ee229644d1e804302f6421b24fe91372bdcf4841 2757 openjpeg2_2.3.0-2.dsc
def9d0c3020e494fc9e69a674f03e11e736e7765292cf0fe01d481f4cb578b5a 21040 openjpeg2_2.3.0-2.debian.tar.xz
926398f35fa8e3a8b83d01613ae7300826048a507674e2819312ea7c39528254 15501 openjpeg2_2.3.0-2_source.buildinfo
Files:
2d5fcb24dfc3176548866a25a6e34a19 2757 libs optional openjpeg2_2.3.0-2.dsc
6321d54d89ffcf19bf79ea180bfdcfd4 21040 libs optional openjpeg2_2.3.0-2.debian.tar.xz
b88b898e9482387089fe63c1f3b13c87 15501 libs optional openjpeg2_2.3.0-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEaTNn/67NjqrNHwY7AXHhgorgk0UFAlyFSw0RHG1hbGF0QGRl
Ymlhbi5vcmcACgkQAXHhgorgk0UmTg//STU21I8TDyd5qSDCoPBSlthHVfCL7r1/
+3w5Of30DdpPJQ0luyKM6YbqieGgH+IEyEB4yU8H155amLs1MWPuwZuCsOVfv3BH
gzSKJpFVCYQ+XyH39XMyZ57yKZfQaMBO4/Q2VVYKDHdz3xTUvDh9J+eZhO3uu2d3
6R6EfBERfCi2l9+pq0l8/hFn0+tAp95wqM+fkQDis4QpLmVwxRM/3QlgveDKUqeD
F9XYwc6HBsHHkJgkA8jNsUWXtYEapM+9Nya7J8Ndqtj5KH5Jy7dklI7PIAJV4S9y
DNQ6lrXskpKqU+UsYYTTvX8ZkK+nN+ubUwixCbawYITH2Li3Qp+KKeDhKYWvs8i6
U4HT21HH+2Khf3qKNSwYB5yT70fdu5cNXEMw5FngfWT9Vjk8DsHu/7fv0Idi21XT
YCVYZPWl/SXOIXC52J793BUhL8WA39eYk1iGVr8Bqhw3pwEmN6gkazwaFx2obfch
hrrfd+d/vo9+8096HVrRjfPM7Dw7gBvVtS6Cs5+GUx9MFeVdmUIeScpxp1yJ+1oh
ddvreeRneCO5fBzRFbZPMfiUY3YNUGTBI/3wV0yRfqoSXnB0gZm6rFrTPjtdFYaq
ZP8NWvC7I1xsyFpBmRnY78JZfOmMkDC+NfAvTEdyo2wIxjjnTT184PMto0gwm0Z8
EWWuVSm7Mk0=
=thfA
-----END PGP SIGNATURE-----