Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#68906 - [openjpeg2] [Security] arbitrary code execution (CVE-2020-27823)
Attached to Project:
Arch Linux
Opened by Jonas Witschel (diabonas) - Wednesday, 09 December 2020, 11:05 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 09 December 2020, 15:30 GMT
Opened by Jonas Witschel (diabonas) - Wednesday, 09 December 2020, 11:05 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 09 December 2020, 15:30 GMT
|
DetailsSummary
======= The package openjpeg2 is vulnerable to arbitrary code execution via CVE-2020-27823. Guidance ======== Applying the commit referenced below fixes the issue. References ========== https://security.archlinux.org/AVG-1339 https://github.com/uclouvain/openjpeg/issues/1284 https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919 |
This task depends upon
Closed by Andreas Radke (AndyRTR)
Wednesday, 09 December 2020, 15:30 GMT
Reason for closing: Fixed
Additional comments about closing: 2.3.1-3
Wednesday, 09 December 2020, 15:30 GMT
Reason for closing: Fixed
Additional comments about closing: 2.3.1-3