it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5851-1] openjpeg2 security update
- Date: Mon, 27 Jan 2025 19:28:36 +0000
- Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/Z5feZADJhQC/CkMj AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=t34r2dXeD+Ks1XsZyXYcoa6uV7lGncQ2C65+lo7Fk/c=; b=F6 qfV9YwX3sJ8MAMclaOX3E9hs0QR2bPYRdAExN9MHj6ju29MzzVIvPzNVqni9l+bwRqsEw30eiaCh8 +PJkyDD2X3XdJzd4/ulwCzmHYpzPDMz4GZmDwFWV9ujLh30wod/pn3jYYi9CYTJLGAsK0LBPykBdo o5Ca8iMSJTuiXfU82cbHon7cLDB/3KpwZCy05MITUAGGQhWSNMzz4uvHq1nVNZ5ryOqiJ/uyE4WYN O4UjEoCDgNsNHDu4pSaY+AYiiot0ShvlyCbAOoZHodQ7I/EpHviQ8RCFLsWKUFeIAzq2B4HAKHs66 firvv9Lc3/1SRFeDabTaowOnGchTsSvA==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Mon, 27 Jan 2025 19:28:59 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <4NtmmFjzkDD.A.VnxC.759lnB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5851-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 27, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openjpeg2
CVE ID : CVE-2024-56826 CVE-2024-56827
Multiple vulnerabilities have been discovered in openjpeg2, the
open-source JPEG 2000 codec, which could result in denial of service or
the execution of arbitrary code if malformed images are opened.
For the stable distribution (bookworm), these problems have been fixed in
version 2.5.0-2+deb12u1.
We recommend that you upgrade your openjpeg2 packages.
For the detailed security status of openjpeg2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjpeg2
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmeX3kkACgkQEMKTtsN8
Tja9vg/+LWMz9m3RgRWAe6biHzW8sU6z4npWNHNPZo9lsHovtCeoWdjjtEy9GtNO
w6YENT/Ot3mOuIFjj5sB/v9efLf3Vdcaa09IqubZ9WucrRqw2xnldQpXG9ZDw2rz
FaItMxVv3P4MAEERY3MyVwP3qxW71NrpSA1mglpUPG17qDWjeA67Sjx9mslpH53u
LZScZqgYcMOyfXKFRvlNCrahBSCWtuTnBum0xEhuZ3KM12ng2RxGPMpJrvBWmhwS
N22R+Z5xHJ7kpoCUf3VmvvkiWOB3p1LuLFyQ/uJer85JpUsBSjsn1KnggF11mnOP
wCU9xkQretjeX7yAXkxDCAcg6tNcB5D/ePVx4tHVWW8ejurayhQtmL5fxyjnJqQG
+idrchqM/Ai5kUrdQbHjemAWvF8i6U91tB/elTITi7nNzWhD4yVT1u5vLeX7U372
6aLzmkMCjoA9YAnm9U7Snnze2v6hXKZ6D4j/setZjeCYRoisrINvT7rY1sX8sFco
tboF6GCRKMtgGfMnN2USwrxcz/l15PPZReh09TBAhWMvzI2Wxx6E6D7Wks618xZK
QO28qirJzWAxw4VsZyIOK2Bpp0diJlqsI3ZD8cWdd9WzSeVMMLWGBrevPi9l2VhW
fHTZ+3oWKF/25KqoLDmjBFVwzFLIrbGRsarZcQ2Qkwyhm3+BaWo=
=8Tqj
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5851-1] openjpeg2 security update, Moritz Muehlenhoff, 27.01.2025
Archiv bereitgestellt durch MHonArc 2.6.19+.