-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5851-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjpeg2 CVE ID : CVE-2024-56826 CVE-2024-56827 Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened. For the stable distribution (bookworm), these problems have been fixed in version 2.5.0-2+deb12u1. We recommend that you upgrade your openjpeg2 packages. For the detailed security status of openjpeg2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjpeg2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmeX3kkACgkQEMKTtsN8 Tja9vg/+LWMz9m3RgRWAe6biHzW8sU6z4npWNHNPZo9lsHovtCeoWdjjtEy9GtNO w6YENT/Ot3mOuIFjj5sB/v9efLf3Vdcaa09IqubZ9WucrRqw2xnldQpXG9ZDw2rz FaItMxVv3P4MAEERY3MyVwP3qxW71NrpSA1mglpUPG17qDWjeA67Sjx9mslpH53u LZScZqgYcMOyfXKFRvlNCrahBSCWtuTnBum0xEhuZ3KM12ng2RxGPMpJrvBWmhwS N22R+Z5xHJ7kpoCUf3VmvvkiWOB3p1LuLFyQ/uJer85JpUsBSjsn1KnggF11mnOP wCU9xkQretjeX7yAXkxDCAcg6tNcB5D/ePVx4tHVWW8ejurayhQtmL5fxyjnJqQG +idrchqM/Ai5kUrdQbHjemAWvF8i6U91tB/elTITi7nNzWhD4yVT1u5vLeX7U372 6aLzmkMCjoA9YAnm9U7Snnze2v6hXKZ6D4j/setZjeCYRoisrINvT7rY1sX8sFco tboF6GCRKMtgGfMnN2USwrxcz/l15PPZReh09TBAhWMvzI2Wxx6E6D7Wks618xZK QO28qirJzWAxw4VsZyIOK2Bpp0diJlqsI3ZD8cWdd9WzSeVMMLWGBrevPi9l2VhW fHTZ+3oWKF/25KqoLDmjBFVwzFLIrbGRsarZcQ2Qkwyhm3+BaWo= =8Tqj -----END PGP SIGNATURE-----