File _patchinfo of Package patchinfo.3885

<patchinfo incident="3885">
  <issue id="1007740" tracker="bnc">VUL-0: CVE-2016-9114: openjpeg2: NULL Pointer Access in function imagetopnm of convert.c:1943(jp2)</issue>
  <issue id="1007741" tracker="bnc">VUL-0: CVE-2016-9115: openjpeg2: Heap Buffer Overflow in function imagetotga of convert.c(jp2):942</issue>
  <issue id="1014975" tracker="bnc">VUL-0: CVE-2016-9580, CVE-2016-9581: openjpeg2: heap buffer overflows</issue>
  <issue id="1007743" tracker="bnc">VUL-1: CVE-2016-9117: openjpeg2: NULL Pointer Access in function imagetopnm of convert.c(jp2):1289</issue>
  <issue id="1007744" tracker="bnc">VUL-0: CVE-2016-9118: openjpeg2: Heap Buffer Overflow in function pnmtoimage of convert.c</issue>
  <issue id="1007747" tracker="bnc">VUL-0: CVE-2016-9112: openjpeg2: FPE(Floating Point Exception) in lib/openjp2/pi.c:523</issue>
  <issue id="1007742" tracker="bnc">VUL-0: CVE-2016-9116: openjpeg2: NULL Pointer Access in function imagetopnm of convert.c:2226(jp2)</issue>
  <issue id="1007739" tracker="bnc">VUL-0: CVE-2016-9113: openjpeg2: NULL point dereference in function imagetobmp of convertbmp.c</issue>
  <issue id="1014543" tracker="bnc">VUL-0: CVE-2016-9572 CVE-2016-9573: openjpeg: heap buffer overflow due to insufficient check in imagetopnm()</issue>
  <issue id="1002414" tracker="bnc">VUL-0: CVE-2016-8332: openjpeg2: OpenJPEG JPEG2000 mcc record Code Execution Vulnerability</issue>
  <issue id="999817" tracker="bnc">VUL-0: CVE-2016-7445: openjpeg2: Null pointer dereference in convert.c</issue>
  <issue id="2016-9572" tracker="cve" />
  <issue id="2016-8332" tracker="cve" />
  <issue id="2016-9581" tracker="cve" />
  <issue id="2016-9580" tracker="cve" />
  <issue id="2016-9114" tracker="cve" />
  <issue id="2016-9115" tracker="cve" />
  <issue id="2016-9116" tracker="cve" />
  <issue id="2016-9117" tracker="cve" />
  <issue id="2016-9112" tracker="cve" />
  <issue id="2016-9113" tracker="cve" />
  <issue id="2016-7445" tracker="cve" />
  <issue id="2016-9573" tracker="cve" />
  <issue id="2016-9118" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>hpjansson</packager>
  <description>
This update for openjpeg2 fixes the following issues:

* CVE-2016-9114: NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
* CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
* CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infite loop [bsc#1014975]
* CVE-2016-9117: NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
* CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744] 
* CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747] 
* CVE-2016-9116: NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
* CVE-2016-9113: NULL point dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739] 
* CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
* CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format  could lead to code execution [bsc#1002414] 
* CVE-2016-7445: Null pointer dereference in convert.c could lead to crash [bsc#999817] 
 
</description>
  <summary>Security update for openjpeg2</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.3885

Places
