A NULL pointer dereference flaw was found in the way openjpeg decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.
Note that the above patch fixes two issues: CVE-2016-9573 as well as CVE-2016-9572.
Name: Liu Bingchang (IIE)
Created mingw-openjpeg tracking bugs for this issue:
Affects: fedora-all [bug 1402721]
Created mingw-openjpeg2 tracking bugs for this issue:
Affects: fedora-all [bug 1402720]
Created openjpeg tracking bugs for this issue:
Affects: fedora-all [bug 1402719]
Created openjpeg2 tracking bugs for this issue:
Affects: epel-6 [bug 1402722]
Affects: fedora-all [bug 1402718]
openjpeg-1 is not affected by this issue.