http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2721 "The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert." Appears to affect 1.900.1 too.
%changelog * Wed May 23 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.900.1-2 - CVE-2007-2721 (#240397) Built most everywhere, except F7+, pending F7 release and update mechanism.
F7 security update requested. Queued fixed FC-5, FC-6 builds as well, I was wrong before, had only done epel-4, epel-5 builds. closing.