-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 10 Mar 2019 18:34:51 +0100 Source: openjpeg2 Binary: libopenjp2-7-dev libopenjp2-7 libopenjpip7 libopenjp3d7 libopenjpip-dec-server libopenjpip-viewer libopenjpip-server libopenjp3d-tools libopenjp2-tools Architecture: source Version: 2.3.0-2 Distribution: unstable Urgency: high Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org> Changed-By: Mathieu Malaterre <malat@debian.org> Description: libopenjp2-7 - JPEG 2000 image compression/decompression library libopenjp2-7-dev - development files for OpenJPEG, a JPEG 2000 image library libopenjp2-tools - command-line tools using the JPEG 2000 library libopenjp3d-tools - command-line tools using the JPEG 2000 - 3D library libopenjp3d7 - JP3D (JPEG 2000 / Part 10) image compression/decompression librar libopenjpip-dec-server - tool to allow caching of JPEG 2000 files using JPIP protocol libopenjpip-server - JPIP server for JPEG 2000 files libopenjpip-viewer - JPEG 2000 java based viewer for advanced remote JPIP access libopenjpip7 - JPEG 2000 Interactive Protocol Closes: 884738 888533 889683 904873 910763 Changes: openjpeg2 (2.3.0-2) unstable; urgency=high . [ Hugo Lefeuvre ] * CVE-2017-17480: stack-based buffer overflow in the pgxtovolume function in jp3d/convert.c (Closes: #884738). * CVE-2018-14423: division-by-zero in pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c (Closes: #904873). * CVE-2018-18088: null pointer dereference in imagetopnm in jp2/convert.c (Closes: #910763). * CVE-2018-5785: integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c) (Closes: #888533). * CVE-2018-6616: excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c (Closes: #889683). . [ Mathieu Malaterre ] * Add Hugo as Uploader Checksums-Sha1: 26883ff0dfeb5e7e8fa32954a0ac04ad8b3a0ef0 2757 openjpeg2_2.3.0-2.dsc c270a0b9ab31b9484c265fe0f7f5263ddbfdd68b 21040 openjpeg2_2.3.0-2.debian.tar.xz 775b0ffea7429fa7b8cf7fdb66e8a67b71c90c9a 15501 openjpeg2_2.3.0-2_source.buildinfo Checksums-Sha256: 3b5e407cde75432d1a9bdd92ee229644d1e804302f6421b24fe91372bdcf4841 2757 openjpeg2_2.3.0-2.dsc def9d0c3020e494fc9e69a674f03e11e736e7765292cf0fe01d481f4cb578b5a 21040 openjpeg2_2.3.0-2.debian.tar.xz 926398f35fa8e3a8b83d01613ae7300826048a507674e2819312ea7c39528254 15501 openjpeg2_2.3.0-2_source.buildinfo Files: 2d5fcb24dfc3176548866a25a6e34a19 2757 libs optional openjpeg2_2.3.0-2.dsc 6321d54d89ffcf19bf79ea180bfdcfd4 21040 libs optional openjpeg2_2.3.0-2.debian.tar.xz b88b898e9482387089fe63c1f3b13c87 15501 libs optional openjpeg2_2.3.0-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEaTNn/67NjqrNHwY7AXHhgorgk0UFAlyFSw0RHG1hbGF0QGRl Ymlhbi5vcmcACgkQAXHhgorgk0UmTg//STU21I8TDyd5qSDCoPBSlthHVfCL7r1/ +3w5Of30DdpPJQ0luyKM6YbqieGgH+IEyEB4yU8H155amLs1MWPuwZuCsOVfv3BH gzSKJpFVCYQ+XyH39XMyZ57yKZfQaMBO4/Q2VVYKDHdz3xTUvDh9J+eZhO3uu2d3 6R6EfBERfCi2l9+pq0l8/hFn0+tAp95wqM+fkQDis4QpLmVwxRM/3QlgveDKUqeD F9XYwc6HBsHHkJgkA8jNsUWXtYEapM+9Nya7J8Ndqtj5KH5Jy7dklI7PIAJV4S9y DNQ6lrXskpKqU+UsYYTTvX8ZkK+nN+ubUwixCbawYITH2Li3Qp+KKeDhKYWvs8i6 U4HT21HH+2Khf3qKNSwYB5yT70fdu5cNXEMw5FngfWT9Vjk8DsHu/7fv0Idi21XT YCVYZPWl/SXOIXC52J793BUhL8WA39eYk1iGVr8Bqhw3pwEmN6gkazwaFx2obfch hrrfd+d/vo9+8096HVrRjfPM7Dw7gBvVtS6Cs5+GUx9MFeVdmUIeScpxp1yJ+1oh ddvreeRneCO5fBzRFbZPMfiUY3YNUGTBI/3wV0yRfqoSXnB0gZm6rFrTPjtdFYaq ZP8NWvC7I1xsyFpBmRnY78JZfOmMkDC+NfAvTEdyo2wIxjjnTT184PMto0gwm0Z8 EWWuVSm7Mk0= =thfA -----END PGP SIGNATURE-----
