[SECURITY] [DLA 1433-1] openjpeg2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : openjpeg2
Version : 2.1.0-2+deb8u4
CVE ID : CVE-2015-1239 CVE-2016-5139
CVE-2015-1239
Fix for denial of service (process crash) via a crafted PDF.
CVE-2016-5139
Fix for integer overflows, allowing a denial of service
(heap-based buffer overflow) or possibly have unspecified
other impact via crafted JPEG 2000 data.
For Debian 8 "Jessie", these problems have been fixed in version
2.1.0-2+deb8u4.
We recommend that you upgrade your openjpeg2 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQJ8BAEBCgBmBQJbUPSWXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHVQsP/R6HxOZhfIC6sg/QqpHeOrdo
vESrZQfTOMIYqjeDZBoZIXliTPZEBwoXqqrwWzCZdQUry8Kkw9qxTHm37SwzXZfy
Whad+KEfr0z5PppfQ3GaVgdAA+Wf/GQPqCP7JIJDsSGYJjyeostn/BP1Jv6QoFnI
N8juCcDdGaxMcUpbZxWlVYRSsoTrfcb6XdJ9I0MvyvGdKIN0a1Y9AJMp4RcCtzYw
+ES0bC+e4V5xh6USgdMk73r0+81OEx+irUn+Zm6vj1M0PWf4VS05QloFw135z5ji
1HeNkV9eFnHlKkJm1HOZuZEwEakfdpfWmnuTvo3I11IdICdMreKqxKOg5vPoxzeV
snFoPQQRfZYGf258kwZnx7redUfhs+4GGBWK19dGTZn6zRf5sNU3/NcewzqHTfoo
h0sck3bg8UJy5Wu7uC0Ls5ikT4kqXB3UAfGT3EdiaJCCyKj2GqQqlp4VVF4djo0L
913LeSn2BT2aM1fFRTso3ZnYgUwhvHqFE5sRcXl+Mqlmmn2ly6ZR4gSu5Dl1izUC
0tRkwo0M0gMyhqb7cnlXJgtuAoTf1iM2RrWa5+UJbIiGal6Hljf3i47gl9No7tmf
CVX/fUjoBBB2arY+uX3hlg3tjbbEwqi9jmcSSr4s2W7IkklMqQJAOc1ELglygBfS
9qQqfbkojth8gSdO/6qy
=N4pa
-----END PGP SIGNATURE-----
Reply to: