Test ID:	1.3.6.1.4.1.25623.1.1.13.2017.279.02
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2017-279-02)
Summary:	The remote host is missing an update for the 'openjpeg' package(s) announced via the SSA:2017-279-02 advisory.
Description:	Summary: The remote host is missing an update for the 'openjpeg' package(s) announced via the SSA:2017-279-02 advisory. Vulnerability Insight: New openjpeg packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openjpeg-2.3.0-i586-1_slack14.2.txz: Upgraded. This update fixes security issues which may lead to a denial of service or possibly remote code execution. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'openjpeg' package(s) on Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9572 109233 http://www.securityfocus.com/bid/109233 DSA-3768 https://www.debian.org/security/2017/dsa-3768 GLSA-201710-26 https://security.gentoo.org/glsa/201710-26 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9572 https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d https://github.com/uclouvain/openjpeg/issues/863 https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9573 97073 http://www.securityfocus.com/bid/97073 RHSA-2017:0838 http://rhn.redhat.com/errata/RHSA-2017-0838.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9573 https://github.com/uclouvain/openjpeg/issues/862 Common Vulnerability Exposure (CVE) ID: CVE-2016-9580 94822 http://www.securityfocus.com/bid/94822 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9580 https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255 https://github.com/uclouvain/openjpeg/issues/871 Common Vulnerability Exposure (CVE) ID: CVE-2016-9581 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581 https://github.com/uclouvain/openjpeg/issues/872 Common Vulnerability Exposure (CVE) ID: CVE-2017-12982 https://blogs.gentoo.org/ago/2017/08/14/openjpeg-memory-allocation-failure-in-opj_aligned_alloc_n-opj_malloc-c/ https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7 https://github.com/uclouvain/openjpeg/issues/983 Common Vulnerability Exposure (CVE) ID: CVE-2017-14039 BugTraq ID: 100550 http://www.securityfocus.com/bid/100550 Debian Security Information: DSA-4013 (Google Search) http://www.debian.org/security/2017/dsa-4013 https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/ https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e https://github.com/uclouvain/openjpeg/issues/992 Common Vulnerability Exposure (CVE) ID: CVE-2017-14040 BugTraq ID: 100553 http://www.securityfocus.com/bid/100553 https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/ https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281 https://github.com/uclouvain/openjpeg/issues/995 Common Vulnerability Exposure (CVE) ID: CVE-2017-14041 BugTraq ID: 100555 http://www.securityfocus.com/bid/100555 https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/ https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9 https://github.com/uclouvain/openjpeg/issues/997 Common Vulnerability Exposure (CVE) ID: CVE-2017-14151 BugTraq ID: 100633 http://www.securityfocus.com/bid/100633 https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_mqc_flush-mqc-c/ https://github.com/uclouvain/openjpeg/commit/afb308b9ccbe129608c9205cf3bb39bbefad90b9 https://github.com/uclouvain/openjpeg/issues/982 Common Vulnerability Exposure (CVE) ID: CVE-2017-14152 https://blogs.gentoo.org/ago/2017/08/16/openjpeg-heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c/ https://github.com/uclouvain/openjpeg/commit/4241ae6fbbf1de9658764a80944dc8108f2b4154 https://github.com/uclouvain/openjpeg/issues/985 Common Vulnerability Exposure (CVE) ID: CVE-2017-14164 BugTraq ID: 100677 http://www.securityfocus.com/bid/100677 https://blogs.gentoo.org/ago/2017/09/06/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152/ https://github.com/uclouvain/openjpeg/commit/dcac91b8c72f743bda7dbfa9032356bc8110098a https://github.com/uclouvain/openjpeg/issues/991
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.