A vulnerability was found in openjpeg. There is a potential use-after-free in opj_j2k_write_mco function of the j2k.c file. External references: https://github.com/uclouvain/openjpeg/issues/563 Upstream fix: https://github.com/uclouvain/openjpeg/commit/940100c28ae28931722290794889cf84a92c5f6f
Created mingw-openjpeg tracking bugs for this issue: Affects: fedora-all [bug 1335772]
Created openjpeg2 tracking bugs for this issue: Affects: fedora-all [bug 1335771] Affects: epel-all [bug 1335773]
openjpeg2-2.1.1-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
openjpeg2-2.1.1-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
mingw-openjpeg2-2.1.1-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
mingw-openjpeg2-2.1.1-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
openjpeg-1 is not affected by this issue.