[Mageia-dev] Freeze push: openjpeg 1.5.0

Funda Wang fundawang at gmail.com
Thu Apr 12 08:47:22 CEST 2012


Hello,

Could somebody push openjpeg 1.5.0 into cauldron? It fixed
CVE-2012-1499: The JPEG 2000 codec in OpenJPEG before 1.5 does not
properly allocate memory during file parsing, which allows remote
attackers to execute arbitrary code via a crafted file.

Thanks.


More information about the Mageia-dev mailing list