SUSE-SU-2022:1296-1 -- SLES openjpeg, libopenjpeg1ID: oval:org.secpod.oval:def:89047356 | Date: (C)2022-12-01 (M)2024-05-06 |
Class: PATCH | Family: unix |
This update for openjpeg fixes the following issues: - CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl,and pi_next_rpcl in lib/openjp3d/pi.c . - CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c . - CVE-2020-8112: Fixed a heap buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c . - CVE-2020-15389: Fixed a use-after-free if a mix of valid and invalid files in a directory operated on by the decompressor . - CVE-2020-27823: Fixed a heap buffer over-write in opj_tcd_dc_level_shift_encode , - CVE-2021-29338: Fixed an integer Overflow allows remote attackers to crash the application .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
openjpeg |
libopenjpeg1 |