Test Kennung:	1.3.6.1.4.1.25623.1.0.871775
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Update for openjpeg RHSA-2017:0559-01
Zusammenfassung:	The remote host is missing an update for the 'openjpeg'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'openjpeg' package(s) announced via the referenced advisory. Vulnerability Insight: OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es): * Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163) * A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution. (CVE-2016-9675) The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security). Affected Software/OS: openjpeg on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5139 BugTraq ID: 92276 http://www.securityfocus.com/bid/92276 Debian Security Information: DSA-3645 (Google Search) http://www.debian.org/security/2016/dsa-3645 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KMX62M7UNRLWO4FEQ6YIMPMTKXXJV6A/ https://security.gentoo.org/glsa/201610-09 https://lists.debian.org/debian-lts-announce/2018/07/msg00025.html RedHat Security Advisories: RHSA-2016:1580 http://rhn.redhat.com/errata/RHSA-2016-1580.html RedHat Security Advisories: RHSA-2017:0559 http://rhn.redhat.com/errata/RHSA-2017-0559.html RedHat Security Advisories: RHSA-2017:0838 http://rhn.redhat.com/errata/RHSA-2017-0838.html http://www.securitytracker.com/id/1036547 SuSE Security Announcement: openSUSE-SU-2016:1982 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html SuSE Security Announcement: openSUSE-SU-2016:1983 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5158 BugTraq ID: 92717 http://www.securityfocus.com/bid/92717 Debian Security Information: DSA-3660 (Google Search) http://www.debian.org/security/2016/dsa-3660 RedHat Security Advisories: RHSA-2016:1854 http://rhn.redhat.com/errata/RHSA-2016-1854.html http://www.securitytracker.com/id/1036729 SuSE Security Announcement: SUSE-SU-2016:2251 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:2250 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html SuSE Security Announcement: openSUSE-SU-2016:2296 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html SuSE Security Announcement: openSUSE-SU-2016:2349 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5159 Debian Security Information: DSA-3768 (Google Search) http://www.debian.org/security/2017/dsa-3768 Common Vulnerability Exposure (CVE) ID: CVE-2016-7163 BugTraq ID: 92897 http://www.securityfocus.com/bid/92897 Debian Security Information: DSA-3665 (Google Search) http://www.debian.org/security/2016/dsa-3665 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQ2IIIQSJ3J4MONBOGCG6XHLKKJX2HKM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGKSEWWWED77Q5ZHK4OA2EKSJXLRU3MK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4IRSGYMBSHCBZP23CUDIRJ3LBKH6ZJ7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2T6IQAMS4W65MGP7UW5FPE22PXELTK5D/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYLOX7PZS3ZUHQ6RGI3M6H27B7I5ZZ26/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66BWMMMWXH32J5AOGLAJGZA3GH5LZHXH/ http://www.openwall.com/lists/oss-security/2016/09/08/3 http://www.openwall.com/lists/oss-security/2016/09/08/6 Common Vulnerability Exposure (CVE) ID: CVE-2016-9675 BugTraq ID: 94589 http://www.securityfocus.com/bid/94589 http://www.openwall.com/lists/oss-security/2016/11/29/7 Common Vulnerability Exposure (CVE) ID: CVE-2013-6045 BugTraq ID: 64109 http://www.securityfocus.com/bid/64109 Debian Security Information: DSA-2808 (Google Search) http://www.debian.org/security/2013/dsa-2808 http://seclists.org/oss-sec/2013/q4/412 http://osvdb.org/100636 http://osvdb.org/100637 http://osvdb.org/100638 http://osvdb.org/100641 http://osvdb.org/100646 RedHat Security Advisories: RHSA-2013:1850 http://rhn.redhat.com/errata/RHSA-2013-1850.html
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.