Back to openjpeg2 PTS page

Accepted openjpeg2 2.1.2-1.1+deb9u6 (source amd64 all) into oldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted openjpeg2 2.1.2-1.1+deb9u6 (source amd64 all) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 08 Feb 2021 21:40:16 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1l9EGW-0000UL-QG@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 04 Feb 2021 08:18:38 +1100
Source: openjpeg2
Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjp2-7-dbg libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools
Architecture: source amd64 all
Version: 2.1.2-1.1+deb9u6
Distribution: stretch-security
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Brian May <bam@debian.org>
Description:
 libopenjp2-7 - JPEG 2000 image compression/decompression library
 libopenjp2-7-dbg - debug symbols for libopenjp2-7, a JPEG 2000 image library
 libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library
 libopenjp2-tools - command-line tools using the JPEG 2000 library
 libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library
 libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar
 libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol
 libopenjpip-server - JPIP server for JPEG 2000 files
 libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access
 libopenjpip7 - JPEG 2000 Interactive Protocol
Changes:
 openjpeg2 (2.1.2-1.1+deb9u6) stretch-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix CVE-2020-27814: A heap-buffer overflow in the way openjpeg2
     handled certain PNG format files.
   * Fix CVE-2020-27823: Wrong computation of x1,y1 if -d option is used,
     resulting in heap buffer overflow.
   * Fix CVE-2020-27824: avoid global buffer overflow on irreversible conversion when
     too many decomposition levels are specified.
   * Fix CVE-2020-27841: crafted input to be processed by the openjpeg encoder
     could cause an out-of-bounds read.
   * Fix CVE-2020-27844: crafted input to be processed by the openjpeg encoder
     could cause an out-of-bounds write.
   * Fix CVE-2020-27845: crafted input can cause out-of-bounds-read.
Checksums-Sha1:
 9950c2a1c0da3d81e45c01c8e41f5873e232945e 2797 openjpeg2_2.1.2-1.1+deb9u6.dsc
 c8671e7f577fdc58abde1e1f32b10d372e6f9b07 1987071 openjpeg2_2.1.2.orig.tar.gz
 ee3de9bb3285ad1a04b00dff2991bc0b002d8ca3 30240 openjpeg2_2.1.2-1.1+deb9u6.debian.tar.xz
 2463692d8caa3cf04684cdd18e90871ea6f1c49c 1108330 libopenjp2-7-dbg_2.1.2-1.1+deb9u6_amd64.deb
 ac775fe66ab795376c8a2ee5b6642c6f681b4a16 39306 libopenjp2-7-dev_2.1.2-1.1+deb9u6_amd64.deb
 d137a791d043766dd8120e426e94a7d2508095d3 123298 libopenjp2-7_2.1.2-1.1+deb9u6_amd64.deb
 473a8d8a719f68a13bb8e6092c06640caf56c2e6 95124 libopenjp2-tools_2.1.2-1.1+deb9u6_amd64.deb
 0c8bb2c68776d624e677af021b94072d815801bc 42280 libopenjp3d-tools_2.1.2-1.1+deb9u6_amd64.deb
 57e80e9e9015b76d951efa29019b31a04af093f2 85684 libopenjp3d7_2.1.2-1.1+deb9u6_amd64.deb
 60511a5dd202d47b5b2c485d7409464495fefbd1 29292 libopenjpip-dec-server_2.1.2-1.1+deb9u6_amd64.deb
 cb556a64ee13dc0d1f519e5f221008a837785e99 51680 libopenjpip-server_2.1.2-1.1+deb9u6_amd64.deb
 ec77058935d057d3dccbbc1f07805199fc83602d 45858 libopenjpip-viewer_2.1.2-1.1+deb9u6_all.deb
 4fb417590058a9032e03d2ac72529f028ebbda21 61514 libopenjpip7_2.1.2-1.1+deb9u6_amd64.deb
 98030e2fc8c6a55c32a603ba31478ae0eea0946b 15606 openjpeg2_2.1.2-1.1+deb9u6_amd64.buildinfo
Checksums-Sha256:
 d53d34aae6b64f554e98639faec5ff58fcdd2b72118f8f15ac3b8807b152e063 2797 openjpeg2_2.1.2-1.1+deb9u6.dsc
 4ce77b6ef538ef090d9bde1d5eeff8b3069ab56c4906f083475517c2c023dfa7 1987071 openjpeg2_2.1.2.orig.tar.gz
 2eca1f4dcabef3ab1695f6b309bddb1aefbfca6e48c8f8189d425b17cb5685e4 30240 openjpeg2_2.1.2-1.1+deb9u6.debian.tar.xz
 41b7f1c62ee0afd3ba2d2aeefdcc8fa9e1ae738d512d8c98af55b52853604731 1108330 libopenjp2-7-dbg_2.1.2-1.1+deb9u6_amd64.deb
 1ce958fcb89f45637fe6b3667db60ed7279072e7ae2aad276abd46ccc76656d8 39306 libopenjp2-7-dev_2.1.2-1.1+deb9u6_amd64.deb
 31f2b0c8a960a7a42c46591596379358b3ab6b1b342965b2a901f70b886796d7 123298 libopenjp2-7_2.1.2-1.1+deb9u6_amd64.deb
 61b67304a281bf6d0601879929ab5ffe740644fc722cc71479d7b2489ef4db99 95124 libopenjp2-tools_2.1.2-1.1+deb9u6_amd64.deb
 e4c1afe796817900138e7fa877686c6356b7d357e9f34ac14e0dccbcbece95c5 42280 libopenjp3d-tools_2.1.2-1.1+deb9u6_amd64.deb
 dae04b4c5e2b5c05a7206ea9a9294bc3a08beec45d539a885fa0852a76aea95b 85684 libopenjp3d7_2.1.2-1.1+deb9u6_amd64.deb
 8d3e76b5124c030e50a207d08252e55461d3f2734e23509a25c67d582a0c6255 29292 libopenjpip-dec-server_2.1.2-1.1+deb9u6_amd64.deb
 0535c9ee3cc6b63828fddf4d11d41c2f7625e22320ca8ce05865cf763d2436c6 51680 libopenjpip-server_2.1.2-1.1+deb9u6_amd64.deb
 1fa558a54b64dfa7e8bcc0b63e07997d033ae6369eb32027c1df45d3b76d9a09 45858 libopenjpip-viewer_2.1.2-1.1+deb9u6_all.deb
 73883f4ebf7660a6872a499c945ef4563bcf38de93ea6b6ff69f8e7534d326db 61514 libopenjpip7_2.1.2-1.1+deb9u6_amd64.deb
 854a5b4642f3d0afd285510902bc5d8577dcf6a05920cf67551effb43020cac8 15606 openjpeg2_2.1.2-1.1+deb9u6_amd64.buildinfo
Files:
 90a9470d5b28b712c7ba0b9bc08eb128 2797 libs optional openjpeg2_2.1.2-1.1+deb9u6.dsc
 40a7bfdcc66280b3c1402a0eb1a27624 1987071 libs optional openjpeg2_2.1.2.orig.tar.gz
 18216895c7485fea245f7b91cf70179a 30240 libs optional openjpeg2_2.1.2-1.1+deb9u6.debian.tar.xz
 1e972597b85e8f1aaad58372ef4e3bf5 1108330 debug extra libopenjp2-7-dbg_2.1.2-1.1+deb9u6_amd64.deb
 4ae009465ee006b72d6e964674dfd1c3 39306 libdevel optional libopenjp2-7-dev_2.1.2-1.1+deb9u6_amd64.deb
 6ab61ce53aaa52608b8c8ae0ce387d54 123298 libs optional libopenjp2-7_2.1.2-1.1+deb9u6_amd64.deb
 b86c732ba8c9173d8b33c53b8459a058 95124 graphics optional libopenjp2-tools_2.1.2-1.1+deb9u6_amd64.deb
 b04b0439c4eacde25baf7f7efd9d8c80 42280 graphics optional libopenjp3d-tools_2.1.2-1.1+deb9u6_amd64.deb
 756cf25580e19d01df0451751be56aeb 85684 libs optional libopenjp3d7_2.1.2-1.1+deb9u6_amd64.deb
 44b04089cd8d89e09ca90108b158c7bb 29292 graphics optional libopenjpip-dec-server_2.1.2-1.1+deb9u6_amd64.deb
 6230454ab871948466c940b7d28b070a 51680 graphics optional libopenjpip-server_2.1.2-1.1+deb9u6_amd64.deb
 7e1691feab9bc681f9fda8cf4a423805 45858 graphics optional libopenjpip-viewer_2.1.2-1.1+deb9u6_all.deb
 2eeeca091418b3cc7bafe25e8366a641 61514 libs optional libopenjpip7_2.1.2-1.1+deb9u6_amd64.deb
 4ccfcab1d4b1f67abd2bd1f38086a5a9 15606 libs optional openjpeg2_2.1.2-1.1+deb9u6_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAmAhqnQACgkQKpJZkldk
Svpirg/7B+QHKF5Aj5vbUz/gxcrW2X9VK3lHrv+l5yQEcF7PJyXNd94lhahVBtXv
TzhsFvXX9g4RLQjhPj7MxoAmb0w+/IeP/yC5aO2jVMKrd7dnmoN6Zb+KEPxWI8A0
niGh5wGrbwGr9spiLPd8fU7l0LCbBugsFdXff5TVmxYxT8P6IngkaN/htXc5TExI
Sh7gXZ3AU+JJzb9NSxzW+bmsYLMMx+UcEgN1g61vup88kzBRP+G4MJhxJE0VEHIt
dqo8f4B+PfSWyPV0rkXxbm2ShtKGC0EZOFGN4nUS1loKfB5PV8mCIODc6iV6vZGv
Yy8Lof61NarhOmKWD3qRavYxf91HlRqeXgYsuJ1sfa3jK7M3oLHRFVjKbrZnhSj3
ZePQxkJXtlLDg8FtCMb+u4VnJNra4gJIwdHL/ooVLV+m7NWthw9JSthE5KCuzmMV
4k+LXIxQ5H25GggXb7H0CeRgeY0kbDeup7RJTMZH9VhFgjRDpgMWifpiYXxedGXq
kJHlWdyjXtgrcWuqKG8K3iI0/lrUDsZ1KFldxrvM5L2ZSvAEbxi/yEhbrCSUTjeF
Wog/ihx7/EEbu2O48LnN8M0w9gRFLXiRmtBrWOcMA9mwfAi6Ys629SBD7X7ZWI/F
6Ehz1skIuuzmuOEDM4h1qKByyxtZjgk8Vtr3n9KOgw6+Pl5iyMY=
=sDVj
-----END PGP SIGNATURE-----