-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4882-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 01, 2021                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjpeg2
CVE ID         : CVE-2020-6851 CVE-2020-8112 CVE-2020-15389 CVE-2020-27814 
                 CVE-2020-27823 CVE-2020-27824 CVE-2020-27841 CVE-2020-27842 
                 CVE-2020-27843 CVE-2020-27845

Multiple vulnerabilities have been discovered in openjpeg2, the
open-source JPEG 2000 codec, which could result in denial of service or
the execution of arbitrary code when opening a malformed image.
      
For the stable distribution (buster), these problems have been fixed in
version 2.3.0-2+deb10u2.

We recommend that you upgrade your openjpeg2 packages.

For the detailed security status of openjpeg2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjpeg2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmBmIUYACgkQEMKTtsN8
TjYA5w//cWmhgNzMX/EHC3y0BAMFGSnaqzvHftcpPjaq3/ZC3dtQQ5OCL1+dmjdj
0gM7Q1/88WO3HRsJ72AJstZeDf1zIBvLZlPPottlXT2XfGCWFkW26rtb808pOpiq
H8wzaBPLB/IkwA2k+DExHG+jpBNaDeu9c544Tt94KU41XUjAK0jGc+wGVLeFrRZs
rXrOdyCdnoaHf9haWOEOTtZPXUU2LKxyDNHBZGgNlpU8bSiKZOT/YPayXhP3YDhO
vRDXfDdCd11M8pNVhXNGJLvVud7+QQP1NgjqgwpOCR6DXg3Fd1ilkWY+nBrlJkvv
x33IYB1E78d0QGK4r5nXZrGA2K4jBflIw3n1YHpdVd2+UDLBFcgAFLZmGBV3XHWb
4+xVlmjR8IDgvdn8CjalXyqRe6z+EaWSb9PsQHBIQV1jR7ZVghEnsite/qiqE1H0
7Gj5m2sTJXEbOEsfh24bXpNgx/USt7IRvlckYQSRiwZieS0yCk7LW1R9twggpy7E
NgCIZnfbFH9ugf/EDtzX+kT5FkCpBTxNfv3M0tBNgc9635mln/1jFACxZ187KDCX
xxNj3W2010JbnCWcjSvGk8S8oD9mVJUhwSrwpXj2gMD5cg6DHqG5fwUiAa2Dg0TS
AsEd4FlRMe2vVEaxkLDJpYzVOz/0AKW+e0oo7AJ4CmINDbO0jXQ=
=Q7e7
-----END PGP SIGNATURE-----