Back to bug 1382202
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Doran Moppert | 2016-10-06 00:49:04 UTC | Blocks | 1374338 | |
| Doran Moppert | 2016-10-06 00:49:21 UTC | Depends On | 1382204 | |
| Doran Moppert | 2016-10-06 00:49:32 UTC | Depends On | 1382205 | |
| Doran Moppert | 2016-11-29 23:20:59 UTC | Summary | openjpeg: incorrect fix for CVE-2013-6045 | CVE-2016-9675 openjpeg: incorrect fix for CVE-2013-6045 |
| Alias | CVE-2016-9675 | |||
| Slawomir Czarko | 2016-12-23 10:33:10 UTC | CC | slawomir | |
| Karl Abbott | 2017-01-06 18:21:51 UTC | CC | kabbott | |
| Doran Moppert | 2017-02-07 02:11:50 UTC | Depends On | 1419772, 1419775, 1419773, 1419774 | |
| Doran Moppert | 2017-02-07 02:25:00 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted jpeg2000 image could cause heap-based buffer overflows, leading to a crash or possible code execution when reading or converting the crafted file. | |
| Doran Moppert | 2017-02-07 02:25:23 UTC | Priority | high | medium |
| Whiteboard | impact=important,public=20160926,reported=20160926,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-122,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg=affected,epel-5/openjpeg=affected,rhel-6/openjpeg=affected,rhel-7/openjpeg=affected | impact=moderate,public=20160926,reported=20160926,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-122,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg=affected,epel-5/openjpeg=affected,rhel-6/openjpeg=affected,rhel-7/openjpeg=affected | ||
| Severity | high | medium | ||
| Eric Christensen | 2017-02-07 15:20:49 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted jpeg2000 image could cause heap-based buffer overflows, leading to a crash or possible code execution when reading or converting the crafted file. | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted jpeg2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. |
| Nikola Forró | 2017-02-07 16:49:49 UTC | CC | dmoppert | |
| Flags | needinfo?(dmoppert) | |||
| Doran Moppert | 2017-02-08 03:31:18 UTC | Flags | needinfo?(dmoppert) | |
| Doran Moppert | 2017-03-15 00:28:22 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted jpeg2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted JPEG2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. |
| Doran Moppert | 2017-03-15 00:38:31 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for openjpeg. A crafted JPEG2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. | A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A crafted JPEG2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. |
| Doran Moppert | 2017-03-15 00:48:03 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A crafted JPEG2000 image could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. | A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. |
| Doran Moppert | 2017-03-15 00:51:56 UTC | Doc Text | A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution when reading or converting the crafted file. | A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution. |
| Product Security DevOps Team | 2019-06-08 02:59:44 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:59:44 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:57:57 UTC | Whiteboard | impact=moderate,public=20160926,reported=20160926,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-122,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg=affected,epel-5/openjpeg=affected,rhel-6/openjpeg=affected,rhel-7/openjpeg=affected |
Back to bug 1382202