Oval Definition:oval:com.redhat.rhsa:def:20121283
Revision Date:2012-09-17Version:634
Title:RHSA-2012:1283: openjpeg security update (Important)
Description:OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format.

  • It was found that OpenJPEG failed to sanity-check an image header field before using it. A remote attacker could provide a specially-crafted image file that could cause an application linked against OpenJPEG to crash or, possibly, execute arbitrary code. (CVE-2012-3535)

    This issue was discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team.

    Users of OpenJPEG should upgrade to these updated packages, which contain a patch to correct this issue. All running applications using OpenJPEG must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-3535
    CVE-2012-3535
    RHSA-2012:1283
    RHSA-2012:1283-01
    RHSA-2012:1283-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • openjpeg is earlier than 0:1.3-9.el6_3
  • AND openjpeg is signed with Red Hat redhatrelease2 key
  • openjpeg-devel is earlier than 0:1.3-9.el6_3
  • AND openjpeg-devel is signed with Red Hat redhatrelease2 key
  • openjpeg-libs is earlier than 0:1.3-9.el6_3
  • AND openjpeg-libs is signed with Red Hat redhatrelease2 key
    • BACK