it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4882-1] openjpeg2 security update
- Date: Thu, 1 Apr 2021 19:50:00 +0000
- Authentication-results: mail02.piratenpartei.de; dkim=none; spf=none (mail02.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/20210401195000.GA19539 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=VAqUL3Y4ImJREYVBMx4eySln+1VvND8QQz4gv41Km6Y=; b=jS 7Vsfmih3/5RCqtoDuhYVzkIe6712uAUz0bL9V9Fz82SuyvBS/tOt5MBMgImGrouaS2zLQy8YWzWLW D0Zv7eXjUWmqOq67miXJYsC7YfvTSdimiqS52psv/7svf4o85EyUGfcrnlCzPT3vZRRqA1tF6xluR JQiGMCd9PaHa9gPfFG2c6dVVUsb3sP06gUcJS1/7wn+5TLhjMZCs5SWJUJkbveCCmU82sMedXQ7pl I4Re3pqgWUkJI8PEQzI+09cU+Ik9fZQ4AgrVPrzR7CAd4KmNtXwTtNSrYUinIHP1al9YhRNuygFvz i/LuEupFrbloLihscxDfuL0rB6tNsULA==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Thu, 1 Apr 2021 19:50:16 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <93If5-GnQYF.A.oI.4PiZgB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4882-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 01, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openjpeg2
CVE ID : CVE-2020-6851 CVE-2020-8112 CVE-2020-15389 CVE-2020-27814
CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842
CVE-2020-27843 CVE-2020-27845
Multiple vulnerabilities have been discovered in openjpeg2, the
open-source JPEG 2000 codec, which could result in denial of service or
the execution of arbitrary code when opening a malformed image.
For the stable distribution (buster), these problems have been fixed in
version 2.3.0-2+deb10u2.
We recommend that you upgrade your openjpeg2 packages.
For the detailed security status of openjpeg2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjpeg2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmBmIUYACgkQEMKTtsN8
TjYA5w//cWmhgNzMX/EHC3y0BAMFGSnaqzvHftcpPjaq3/ZC3dtQQ5OCL1+dmjdj
0gM7Q1/88WO3HRsJ72AJstZeDf1zIBvLZlPPottlXT2XfGCWFkW26rtb808pOpiq
H8wzaBPLB/IkwA2k+DExHG+jpBNaDeu9c544Tt94KU41XUjAK0jGc+wGVLeFrRZs
rXrOdyCdnoaHf9haWOEOTtZPXUU2LKxyDNHBZGgNlpU8bSiKZOT/YPayXhP3YDhO
vRDXfDdCd11M8pNVhXNGJLvVud7+QQP1NgjqgwpOCR6DXg3Fd1ilkWY+nBrlJkvv
x33IYB1E78d0QGK4r5nXZrGA2K4jBflIw3n1YHpdVd2+UDLBFcgAFLZmGBV3XHWb
4+xVlmjR8IDgvdn8CjalXyqRe6z+EaWSb9PsQHBIQV1jR7ZVghEnsite/qiqE1H0
7Gj5m2sTJXEbOEsfh24bXpNgx/USt7IRvlckYQSRiwZieS0yCk7LW1R9twggpy7E
NgCIZnfbFH9ugf/EDtzX+kT5FkCpBTxNfv3M0tBNgc9635mln/1jFACxZ187KDCX
xxNj3W2010JbnCWcjSvGk8S8oD9mVJUhwSrwpXj2gMD5cg6DHqG5fwUiAa2Dg0TS
AsEd4FlRMe2vVEaxkLDJpYzVOz/0AKW+e0oo7AJ4CmINDbO0jXQ=
=Q7e7
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4882-1] openjpeg2 security update, Moritz Muehlenhoff, 01.04.2021
Archiv bereitgestellt durch MHonArc 2.6.24.