Bugzilla – Bug 757260
VUL-0: openjpeg: heap corruption
Last modified: 2012-07-04 05:51:02 UTC
Via oss-sec:

Date: Fri, 13 Apr 2012 12:59:59 +0530
From: Huzaifa Sidhpurwala
To: oss-security

Hi All,

While looking at openjpeg, I found the following bug in their tracker, which still seems to be un-addressed.

http://code.google.com/p/openjpeg/issues/detail?id=5

I don't think a CVE id has been assigned to this issue yet.
Via oss-sec:

Yes, doesn't look so one got assigned for this one yet, since:

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=openjpeg

provides just recent CVE-2012-1499.

To the:

http://code.google.com/p/openjpeg/issues/detail?id=5

issue itself:

1) It should get a CVE-2009-* identifier (upstream ticket is public from 2009-Jul-31).
2) From the issue reasons investigation, it seems to be combination of heap-based buffer invalid reads and writes by processing certain Gray16 TIFF images, leading to invalid free (when such corrupted memory allocated for tile encoder / decoder handle (TCD) is attempted to be freed).

More official description in Red Hat bug:

https://bugzilla.redhat.com/show_bug.cgi?id=812317

Kurt, could you allocate a 2009 CVE id?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
CVE-2009-5030
bugbot adjusting priority
A patch has been submitted upstream to fix the issue. See: http://code.google.com/p/openjpeg/source/detail?r=1703 If this is OK I'll submit an update in the openjpeg package.
Sure, please go ahead and apply the patch.
This is an autogenerated message for OBS integration: This bug (757260) was mentioned in https://build.opensuse.org/request/show/126485 Factory / openjpeg
I think this marks it done...