diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-02-26 20:09:43 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-02-27 13:30:41 +0100 |
commit | 60089103715082a054843f65cd0b22f24361b165 (patch) | |
tree | 613a54754501ed251a2778e60fe213776d21fcd8 /ChangeLog.txt | |
parent | 76371c76c59cf58c1bcaaa33a272b1b839c18bc6 (diff) | |
download | current-60089103715082a054843f65cd0b22f24361b165.tar.gz current-60089103715082a054843f65cd0b22f24361b165.tar.xz |
Mon Feb 26 20:09:43 UTC 202420240226200943_15.0
patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz: Upgraded.
Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
this to execute arbitrary code with the permissions of the application
compiled against openjpeg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-3575
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index f8c4bbc1c..3a028b509 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,13 @@ +Mon Feb 26 20:09:43 UTC 2024 +patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz: Upgraded. + Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in + sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use + this to execute arbitrary code with the permissions of the application + compiled against openjpeg. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2021-3575 + (* Security fix *) ++--------------------------+ Sun Feb 25 19:16:52 UTC 2024 patches/packages/whois-5.5.21-x86_64-1_slack15.0.txz: Upgraded. Updated the .cv and .sd TLD servers. |