Primijećeni su sigurnosni propusti u radu programskog paketa openjpeg. Udaljeni napadači su ih mogli iskoristiti za proizvoljno izvršavanje programskog koda s ovlastima korisnika koji ga je pokrenuo te za DoS napad.

CentOS Errata and Security Advisory 2012:1068 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1068.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
e2b205d8c434f1bf8435acf92067904c24d61cbb5524ed6a2ece33accbcb5237 
openjpeg-1.3-8.el6_3.i686.rpm
97a1c11ed9e15e427fa2daf9e100a814b5a4defb00a44b0b3b1933f122e8cdea 
openjpeg-devel-1.3-8.el6_3.i686.rpm
b835b2d36e9926fbe00597c5d0a70a52b9a7db0110107a4b0f8fe8d88eda137b 
openjpeg-libs-1.3-8.el6_3.i686.rpm

x86_64:
3ce0d45db49b0b7a466a62074df9f7e19af15cf545a5ce6cfd14f4f7f394dd0d 
openjpeg-1.3-8.el6_3.x86_64.rpm
97a1c11ed9e15e427fa2daf9e100a814b5a4defb00a44b0b3b1933f122e8cdea 
openjpeg-devel-1.3-8.el6_3.i686.rpm
0f668bbc392096771274f5965340e5bc71b97e920fbb67dc7e43d667971ee953 
openjpeg-devel-1.3-8.el6_3.x86_64.rpm
b835b2d36e9926fbe00597c5d0a70a52b9a7db0110107a4b0f8fe8d88eda137b 
openjpeg-libs-1.3-8.el6_3.i686.rpm
9cfb3b5dcbaf3fd331642caf37a9b347eb937609ae3c03c24928aaa0299aaa6e 
openjpeg-libs-1.3-8.el6_3.x86_64.rpm

Source:
76654f1ad60a5fb41d975232408ff113ef5eeeb9dcc06921ccbd15f374de928f 
openjpeg-1.3-8.el6_3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce