Summary
CVE-2009-5030
Heap memory corruption leading to invalid free when processing certain Gray16 TIFF images.
CVE-2012-3358
Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow in JPEG2000 image parsing.
CVE-2012-3535
Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow when decoding JPEG2000 images.
Solution
For the stable distribution (squeeze), these problems have been fixed in version 1.3+dfsg-4+squeeze1.
For the testing (wheezy) and unstable (sid) distributions, these problems have been fixed in version 1.3+dfsg-4.6.
We recommend that you upgrade your openjpeg packages.
Insight
Libopenjpeg2 is a library for handling the JPEG 2000 image compression format.
Affected
openjpeg on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2009-5030, CVE-2012-3358, CVE-2012-3535
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C