Mon Feb 26 20:09:43 UTC 202420240226200943_15.0

patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
  sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
  this to execute arbitrary code with the permissions of the application
  compiled against openjpeg.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2021-3575
  (* Security fix *)

1 files changed, 10 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index f8c4bbc1c..3a028b509 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,13 @@
+Mon Feb 26 20:09:43 UTC 2024
+patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz:  Upgraded.
+  Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
+  sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
+  this to execute arbitrary code with the permissions of the application
+  compiled against openjpeg.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2021-3575
+  (* Security fix *)
++--------------------------+
 Sun Feb 25 19:16:52 UTC 2024
 patches/packages/whois-5.5.21-x86_64-1_slack15.0.txz:  Upgraded.
   Updated the .cv and .sd TLD servers.