Back to bug 1402711
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Prpič | 2016-12-08 09:06:32 UTC | CC | hobbes1069, jaromir.capik, manisandro, nforro, phracek, rdieter | |
| Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-122 | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-122,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | ||
| Martin Prpič | 2016-12-08 09:16:29 UTC | Depends On | 1402719, 1402720, 1402721, 1402718, 1402722 | |
| Doran Moppert | 2017-01-10 02:56:54 UTC | CC | erik-fedora, oliver | |
| Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-122,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-126,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | ||
| Doran Moppert | 2017-01-10 02:57:33 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-126,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-126,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected |
| Doran Moppert | 2017-01-10 02:58:08 UTC | Doc Text | An out-of-bounds read vulnerability was found in openjpeg. An attacker could create a crafted JPEG2000 image that would cause the application to crash or, potentially, disclose some data from the heap. | |
| Doran Moppert | 2017-01-10 02:59:14 UTC | Summary | CVE-2016-9573 openjpeg: heap buffer overflow due to insufficient check in imagetopnm() | CVE-2016-9573 openjpeg: heap out-of-bounds read due to insufficient check in imagetopnm() |
| Doran Moppert | 2017-01-10 03:45:11 UTC | Doc Text | An out-of-bounds read vulnerability was found in openjpeg. An attacker could create a crafted JPEG2000 image that would cause the application to crash or, potentially, disclose some data from the heap. | An out-of-bounds read vulnerability was found in openjpeg. An attacker could create a crafted JPEG2000 image that, when converted to PNM using the openjpeg library, would cause the application to crash or, potentially, disclose some data from the heap. |
| Martin Prpič | 2017-01-11 07:26:08 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-126,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected |
| Doran Moppert | 2017-02-01 02:04:26 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=affected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=notaffected |
| Doran Moppert | 2017-02-01 03:20:07 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=affected,rhel-6/openjpeg=notaffected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=notaffected,rhel-6/openjpeg=notaffected |
| Doran Moppert | 2017-02-01 03:22:02 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=affected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=affected,rhel-7/openjpeg=notaffected,rhel-6/openjpeg=notaffected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=notaffected,rhel-7/openjpeg=notaffected,rhel-6/openjpeg=notaffected | ||
| Last Closed | 2017-01-31 22:22:02 UTC | |||
| Nikola Forró | 2017-02-10 09:51:17 UTC | Depends On | 1419774 | |
| Nikola Forró | 2017-02-10 09:51:39 UTC | Depends On | 1419772 | |
| Nikola Forró | 2017-02-10 09:51:46 UTC | Depends On | 1419773 | |
| Nikola Forró | 2017-02-10 09:52:11 UTC | Depends On | 1419773 | |
| Doran Moppert | 2017-02-14 05:37:21 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=notaffected,rhel-7/openjpeg=notaffected,rhel-6/openjpeg=notaffected | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=notaffected,rhel-7/openjpeg=affected,rhel-6/openjpeg=notaffected |
| Doran Moppert | 2017-02-14 05:41:54 UTC | Status | CLOSED | NEW |
| Resolution | NOTABUG | --- | ||
| Keywords | Reopened | |||
| Doran Moppert | 2017-02-14 05:49:19 UTC | CC | dmoppert | |
| Doran Moppert | 2017-03-15 00:36:31 UTC | Doc Text | An out-of-bounds read vulnerability was found in openjpeg. An attacker could create a crafted JPEG2000 image that, when converted to PNM using the openjpeg library, would cause the application to crash or, potentially, disclose some data from the heap. | An out-of-bounds read vulnerability was found in openjpeg, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to PNM format could cause the application to crash or, potentially, disclose some data from the heap. |
| Doran Moppert | 2017-03-15 00:42:41 UTC | Doc Text | An out-of-bounds read vulnerability was found in openjpeg, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to PNM format could cause the application to crash or, potentially, disclose some data from the heap. | An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. |
| Doran Moppert | 2017-03-23 04:09:49 UTC | Depends On | 1435069 | |
| Product Security DevOps Team | 2019-06-08 03:03:43 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-02-01 03:22:02 UTC | 2019-06-08 03:03:43 UTC | ||
| Product Security DevOps Team | 2019-09-29 14:02:45 UTC | Whiteboard | impact=moderate,public=20161102,reported=20161028,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=6.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-125,epel-6/openjpeg2=affected,epel-7/openjpeg2=affected,fedora-all/openjpeg2=affected,fedora-all/openjpeg=notaffected,fedora-all/mingw-openjpeg2=affected,fedora-all/mingw-openjpeg=notaffected,rhel-7/openjpeg=affected,rhel-6/openjpeg=notaffected |
Back to bug 1402711