Synopsis: Important: openjpeg security update Advisory ID: SLSA-2013:1850-1 Issue Date: 2013-12-17 CVE Numbers: CVE-2013-6052 CVE-2013-6045 CVE-2013-6054 CVE-2013-1447 -- Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6045, CVE-2013-6054) Multiple denial of service flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash (CVE-2013-1447, CVE-2013-6052) All running applications using OpenJPEG must be restarted for the update to take effect. -- SL6 x86_64 openjpeg-debuginfo-1.3-10.el6_5.i686.rpm openjpeg-debuginfo-1.3-10.el6_5.x86_64.rpm openjpeg-libs-1.3-10.el6_5.i686.rpm openjpeg-libs-1.3-10.el6_5.x86_64.rpm openjpeg-1.3-10.el6_5.x86_64.rpm openjpeg-devel-1.3-10.el6_5.i686.rpm openjpeg-devel-1.3-10.el6_5.x86_64.rpm i386 openjpeg-debuginfo-1.3-10.el6_5.i686.rpm openjpeg-libs-1.3-10.el6_5.i686.rpm openjpeg-1.3-10.el6_5.i686.rpm openjpeg-devel-1.3-10.el6_5.i686.rpm - Scientific Linux Development Team