Ubuntu
openjpeg2 package

openjpeg2 2.3.1-1ubuntu4.20.04.1 source package in Ubuntu

Changelog

openjpeg2 (2.3.1-1ubuntu4.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free via directory
    - debian/patches/CVE-2020-15389.patch: fix double-free on input
      directory with mix of valid and invalid images in
      src/bin/jp2/opj_decompress.c.
    - CVE-2020-15389
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2020-27814-1.patch: grow buffer size in
      src/lib/openjp2/tcd.c.
    - debian/patches/CVE-2020-27814-2.patch: grow it again
    - debian/patches/CVE-2020-27814-3.patch: and some more
    - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!!
    - CVE-2020-27814
  * SECURITY UPDATE: heap-buffer-overflow write
    - debian/patches/CVE-2020-27823.patch: fix wrong computation in
      src/bin/jp2/convertpng.c.
    - CVE-2020-27823
  * SECURITY UPDATE: global-buffer-overflow
    - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on
      irreversible conversion when too many decomposition levels are
      specified in src/lib/openjp2/dwt.c.
    - CVE-2020-27824
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27841.patch: add extra checks to
      src/lib/openjp2/pi.c, src/lib/openjp2/pi.h, src/lib/openjp2/t2.c.
    - CVE-2020-27841
  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2020-27842.patch: add check to
      src/lib/openjp2/t2.c.
    - CVE-2020-27842
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27843.patch: add check to
      src/lib/openjp2/t2.c.
    - CVE-2020-27843
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27845.patch: add extra checks to
      src/lib/openjp2/pi.c.
    - CVE-2020-27845

 -- Marc Deslauriers <email address hidden>  Wed, 06 Jan 2021 09:44:46 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates main misc
Focal security main misc

Downloads

File Size SHA-256 Checksum
openjpeg2_2.3.1.orig.tar.xz 1.3 MiB 69d39843a25f1a482e1b568fd042eb34837ffc0d708ab7717edeb52e592ecbeb
openjpeg2_2.3.1-1ubuntu4.20.04.1.debian.tar.xz 24.6 KiB 8337d23211667391e007f6dc4b78c5f13ffbb6957c6489eb46bc6971dddfef2d
openjpeg2_2.3.1-1ubuntu4.20.04.1.dsc 2.8 KiB 867929282cc9a0e7dbefb2aa388dc88840bf00a8e009df764ea5a45dca6c3dfa

View changes file

Binary packages built by this source

libopenjp2-7: JPEG 2000 image compression/decompression library

 OpenJPEG is a library for handling the JPEG 2000 image compression format.
 JPEG 2000 is a wavelet-based image compression standard and permits progressive
 transmission by pixel and resolution accuracy for progressive downloads of an
 encoded image. It supports lossless and lossy compression, supports higher
 compression than JPEG 1991, and has resilience to errors in the image.
 .
 This package contains the runtime files for openjpeg 2.x

libopenjp2-7-dbgsym: debug symbols for libopenjp2-7
libopenjp2-7-dev: development files for OpenJPEG, a JPEG 2000 image library

 OpenJPEG is a library for handling the JPEG 2000 image compression format.
 JPEG 2000 is a wavelet-based image compression standard and permits progressive
 transmission by pixel and resolution accuracy for progressive downloads of an
 encoded image. It supports lossless and lossy compression, supports higher
 compression than JPEG 1991, and has resilience to errors in the image.
 .
 This package contains the development files for openjpeg 2.x

libopenjp2-tools: command-line tools using the JPEG 2000 library

 This package provides with command-line tools allowing for conversions between
 several formats and also provides tools for encoding and decoding
 motion-jpeg2000 video formats:
 .
  - opj_decompress: decodes j2k, jp2, and jpt files to pgm, ppm, pnm,
                  pgx, and bmp.
  - opj_compress: encodes pnm, pgm, pgx, bmp, and ppm files to j2k,
                  and jp2.
  - opj_dump: dump information contains in j2k and jp2.
  - index_create: create jp2 with JPIP index file from a j2k file.
  - frames_to_mj2: convert YUV video streams to mj2 format.
  - mj2_to_frames: convert mj2 video streams to YUV format.
  - wrap_j2k_in_mj2: wrap j2k codestreams into mj2 format.
  - extract-j2k-from_mj2: extract j2k codestreams from the mj2 format.

libopenjp2-tools-dbgsym: debug symbols for libopenjp2-tools
libopenjp3d-tools: command-line tools using the JPEG 2000 - 3D library

 This package provides with command-line tools allowing for conversions between
 several formats and also provides tools for encoding and decoding
 jpeg 3D formats:
 .
  - opj_jp3d_compress: compress into JP3D volume
  - opj_jp3d_decompress: decompress JP3D volume

libopenjp3d-tools-dbgsym: debug symbols for libopenjp3d-tools
libopenjp3d7: JP3D (JPEG 2000 / Part 10) image compression/decompression library

 OpenJPEG is a library for handling the JPEG 2000 image compression format.
 JPEG 2000 is a wavelet-based image compression standard and permits progressive
 transmission by pixel and resolution accuracy for progressive downloads of an
 encoded image. It supports lossless and lossy compression, supports higher
 compression than JPEG 1991, and has resilience to errors in the image.
 .
 This is an implementation of the JPEG 2000 (JP3D) volumetric imaging (Part-10)

libopenjp3d7-dbgsym: debug symbols for libopenjp3d7
libopenjpip-dec-server: tool to allow caching of JPEG 2000 files using JPIP protocol

 This is client side application for caching remote JPEG 2000 using the JPIP
 protocol. This command line application needs to run on the client side to
 allow application such as opj_viewer to view images.

libopenjpip-dec-server-dbgsym: debug symbols for libopenjpip-dec-server
libopenjpip-server: JPIP server for JPEG 2000 files

 OpenJPIP software is an implementation of JPEG 2000 Part9: Interactivity tools,
 APIs and protocols (JPIP). For more info about JPIP, check the website:
 http://www.jpeg.org/jpeg2000/j2kpart9.html. The current implementation uses
 some results from the 2KAN project (http://www.2kan.org).
 .
 First Version covers:
 .
  - JPT-stream (Tile based) and JPP-stream (Precinct based) media types
  - Session, channels, cache model managements
  - JPIP over HTTP
  - Indexing JPEG 2000 files
  - Embedding XML formatted metadata
  - Region Of Interest (ROI) requests

libopenjpip-server-dbgsym: debug symbols for libopenjpip-server
libopenjpip-viewer: JPEG 2000 java based viewer for advanced remote JPIP access

 Java based client to view remote JPEG 2000 using JPIP protocol.
 This is a simple java viewer to allow:
 .
  - Scale up request: Enlarge the window
  - ROI request: Select a region by mouse click and drag, then click inside the
    red frame of the selected region
  - Annotate image with ROI information in XML metadata: Click button "Region
    Of Interest"
  - Open a new window presenting an aligned image with a locally stored image:
    Click button "Image Registration" (Under Construction)

libopenjpip7: JPEG 2000 Interactive Protocol

 OpenJPEG is a library for handling the JPEG 2000 image compression format.
 JPEG 2000 is a wavelet-based image compression standard and permits progressive
 transmission by pixel and resolution accuracy for progressive downloads of an
 encoded image. It supports lossless and lossy compression, supports higher
 compression than JPEG 1991, and has resilience to errors in the image.
 .
 This is an implementation of the JPEG 2000 Interactive Protocol (Part-9)

libopenjpip7-dbgsym: debug symbols for libopenjpip7