-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-9515529c96 2022-03-31 01:13:49.967968 --------------------------------------------------------------------------------

Name : mingw-openjpeg2 Product : Fedora 35 Version : 2.4.0 Release : 5.fc35 URL : https://github.com/uclouvain/openjpeg Summary : MinGW Windows openjpeg2 library Description : MinGW Windows openjpeg2 library.

-------------------------------------------------------------------------------- Update Information:

Fix CVE-2022-1122. -------------------------------------------------------------------------------- ChangeLog:

* Mon Mar 28 2022 Sandro Mani manisandro@gmail.com - 2.4.0-5 - Backport fix for CVE-2022-1122 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #2069370 - CVE-2022-1122 mingw-openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069370 [ 2 ] Bug #2069371 - CVE-2022-1122 openjpeg2: openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2069371 --------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-9515529c96' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------