On Thu, 12 Apr 2012, Funda Wang wrote: > Hello, > > Could somebody push openjpeg 1.5.0 into cauldron? It fixed > CVE-2012-1499: The JPEG 2000 codec in OpenJPEG before 1.5 does not > properly allocate memory during file parsing, which allows remote > attackers to execute arbitrary code via a crafted file. Submitted by ennael.