Synopsis: Important: openjpeg security update
Advisory ID: SLSA-2013:1850-1
Issue Date: 2013-12-17
CVE Numbers: CVE-2013-6052
CVE-2013-6045
CVE-2013-6054
CVE-2013-1447
—
Multiple heap-based buffer overflow flaws were found in OpenJPEG. An
attacker could create a specially crafted OpenJPEG image that, when
opened, could cause an application using openjpeg to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2013-6045, CVE-2013-6054)
Multiple denial of service flaws were found in OpenJPEG. An attacker could
create a specially crafted OpenJPEG image that, when opened, could cause
an application using openjpeg to crash (CVE-2013-1447, CVE-2013-6052)
All running applications using OpenJPEG must be restarted for the update
to take effect.
—
SL6
x86_64
openjpeg-debuginfo-1.3-10.el6_5.i686.rpm
openjpeg-debuginfo-1.3-10.el6_5.x86_64.rpm
openjpeg-libs-1.3-10.el6_5.i686.rpm
openjpeg-libs-1.3-10.el6_5.x86_64.rpm
openjpeg-1.3-10.el6_5.x86_64.rpm
openjpeg-devel-1.3-10.el6_5.i686.rpm
openjpeg-devel-1.3-10.el6_5.x86_64.rpm
i386
openjpeg-debuginfo-1.3-10.el6_5.i686.rpm
openjpeg-libs-1.3-10.el6_5.i686.rpm
openjpeg-1.3-10.el6_5.i686.rpm
openjpeg-devel-1.3-10.el6_5.i686.rpm
– Scientific Linux Development Team
