FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

openjpeg -- use-after-free vulnerability

Affected packages
openjpeg < 2.1.1

Details

VuXML ID a233d51f-5d4c-11e5-9ad8-14dae9d210b8
Discovery 2015-08-14
Entry 2015-09-17

Feist Josselin reports:

Use-after-free was found in openjpeg. The vuln is fixed in version 2.1.1 and was located in opj_j2k_write_mco function.

References

URL http://seclists.org/oss-sec/2015/q3/550
URL https://github.com/uclouvain/openjpeg/issues/563