[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#33924: OpenJPEG security issues
From: |
Leo Famulari |
Subject: |
bug#33924: OpenJPEG security issues |
Date: |
Sun, 30 Dec 2018 12:41:50 -0500 |
User-agent: |
Mutt/1.11.0 (2018-11-25) |
There are several open security bugs in our package of OpenJPEG 2.3.0:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=openjpeg
`guix refresh -l openjpeg` reports that several thousand packages would
need to be rebuilt if we changed OpenJPEG, so we will need to fix these
bugs by cherry-picking the upstream bugfix patches in a grafted
replacement package.
If anyone is interested in doing the work and needs advice, please ask
for help :)
These are the CVE identifiers:
CVE-2017-17479
CVE-2018-5727
CVE-2018-5785
CVE-2018-6616
CVE-2018-7648
CVE-2018-14423
CVE-2018-16375
CVE-2018-16376
CVE-2018-17480
CVE-2018-18088
signature.asc
Description: PGP signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#33924: OpenJPEG security issues,
Leo Famulari <=