There are 4 open security issues in bullseye.
3 issues left for the package maintainer to handle:
- CVE-2021-3575:
(needs triaging)
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
- CVE-2022-1122:
(needs triaging)
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
- CVE-2021-29338:
(needs triaging)
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.
You can find information about how to handle these issues in the security team's documentation.
1 ignored issue:
- CVE-2019-6988:
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/o/openjpeg2.png){kind=link}