1
Candidate: CVE-2017-14151
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151
5
https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/
6
https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9
7
https://github.com/uclouvain/openjpeg/issues/982
9
An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data
10
in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an
11
out-of-bounds write, which may lead to remote denial of service (heap-based
12
buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and
13
opj_t1_encode_cblk in lib/openjp2/t1.c) or possibly remote code execution.
22
upstream_openjpeg2: needs-triage
23
precise/esm_openjpeg2: DNE
25
vivid/ubuntu-core_openjpeg2: DNE
26
xenial_openjpeg2: needs-triage
27
zesty_openjpeg2: released (2.1.2-1.1+deb9u2build0.17.04.1)
28
artful_openjpeg2: needs-triage
29
bionic_openjpeg2: needs-triage
30
devel_openjpeg2: needs-triage