openjpeg2 (2.4.0-6ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow
- debian/patches/CVE-2021-3575.patch: opj_decompress: fix off-by-one
read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd
- CVE-2021-3575
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2021-29338.patch: Avoid overflow in
multiplications in utilities related to a big number of files in a
directory
- CVE-2021-29338
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2022-1122.patch: Fix segfault in
src/bin/jp2/opj_decompress.c due to uninitialized pointer
- CVE-2022-1122
-- Bruce Cable <bruce.cable@canonical.com> Tue, 22 Oct 2024 15:06:23 +1100
openjpeg2 (2.4.0-6ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: resource consumption loop
- debian/patches/CVE-2023-39327.patch: when EPH markers are specified,
they are required
- CVE-2023-39327
-- Bruce Cable <bruce.cable@canonical.com> Wed, 25 Sep 2024 13:00:18 +1000
openjpeg2 (2.4.0-6) unstable; urgency=medium
* d/copyright: Remove lintian error duplicate-globbing-patterns
* d/rules: Do not install *.so symlinks for jp3d/jpip. Closes: #1003807
-- Mathieu Malaterre <malat@debian.org> Mon, 17 Jan 2022 08:07:17 +0100
openjpeg2 (2.4.0-5) unstable; urgency=medium
* d/patches: Make sure to always install manpages
* d/control: Incoporate suggestion from Multiarch hinter
-- Mathieu Malaterre <malat@debian.org> Fri, 14 Jan 2022 16:18:56 +0100
openjpeg2 (2.4.0-4) unstable; urgency=medium
* d/patches: Fix integer overflow in num_images. Closes: #987276
* d/control: Bump Std-Vers to 4.6.0 no changes needed
* d/control: Add openjpeg-doc package for install HTML documentation
-- Mathieu Malaterre <malat@debian.org> Fri, 14 Jan 2022 10:04:50 +0100
openjpeg2 (2.4.0-3) unstable; urgency=medium
[ Sebastien Bacher ]
* d/rules: exclude the correct binary on Ubuntu/i386
[ Debian Janitor ]
* Use secure copyright file specification URI.
* Use secure URI in Homepage field.
* Bump debhelper from deprecated 9 to 12. + debian/rules: Rely on default use of dh_missing rather than using dh_install --list-missing.
* Set debhelper-compat version in Build-Depends.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
* Fix field name typo in debian/copyright (Comments => Comment).
* Remove listed license files (LICENSE) from copyright.
* Drop unnecessary dh arguments: --parallel
* Remove unnecessary get-orig-source-target.
-- Mathieu Malaterre <malat@debian.org> Tue, 09 Feb 2021 17:10:52 +0100
openjpeg2 (2.4.0-2) unstable; urgency=medium
[ Mathieu Malaterre ]
* d/patches: Properly fix opj_free vs free usage
* d/patches: Fix compilation issue for the viewer
* d/control: Update Std-Vers to 4.5.1 no changes needed
* d/control: Run wrap-and-sort for cleanup
[ Steve Langasek ]
* d/rules: omit libopenjpip-server on Ubuntu/i386. Closes: #948377
[ Tom Hughes ]
* d/rules: Add static library to libopenjp2-7-dev. Closes: #962363
-- Mathieu Malaterre <malat@debian.org> Mon, 08 Feb 2021 08:32:32 +0100
openjpeg2 (2.4.0-1) unstable; urgency=medium
* New upstream version 2.4.0
* d/patches: Refresh patch for 2.4.0 release
* d/patches: Prevent a compilation failure about missing opj_free symbol
* d/symbols: Add new 2.4.0 symbol
* d/rules: Update build for 2.4.0 release
-- Mathieu Malaterre <malat@debian.org> Wed, 27 Jan 2021 15:30:45 +0100
openjpeg2 (2.3.1-1) unstable; urgency=medium
* New upstream release, addressing following security issues:
- CVE-2018-20847 (Closes: #931294)
- CVE-2018-21010 (Closes: #939553)
- CVE-2018-5727 (Closes: #888532)
* Remove following patches, applied upstream:
- CVE-2017-17480.patch
- CVE-2018-14423.patch
- CVE-2018-18088.patch
- CVE-2018-5785.patch
- CVE-2018-6616.patch
* Remove debian/patches/multiarch_path.patch:
- useless since latest upstream changes.
* Bump Standards-Version to 4.4.1.
* Refresh and rework manpages.
* Remove debian/README.source (Closes: #846390).
-- Hugo Lefeuvre <hle@debian.org> Mon, 07 Oct 2019 13:46:43 +0200
openjpeg2 (2.3.0-3) unstable; urgency=medium
[ Helmut Grohne ]
* Demote java dependencies to Build-Depends-Indep. (Closes: #870644)
[ Mathieu Malaterre ]
* debian/control: update URLs to new salsa location
-- Mathieu Malaterre <malat@debian.org> Mon, 30 Sep 2019 15:17:58 +0200
# For older changelog entries, run 'apt-get changelog openjpeg-doc'
Generated by dwww version 1.14 on Thu Jan 23 03:22:48 CET 2025.