[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1110686: bookworm-pu: package openjpeg2/2.5.0-2+deb12u2

Control: tags -1 - moreinfo

On Sun, Aug 10, 2025 at 06:27:23AM +0300, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm, moreinfo
> X-Debbugs-Cc: openjpeg2@packages.debian.org, security@debian.org
> Control: affects -1 + src:openjpeg2
> User: release.debian.org@packages.debian.org
> Usertags: pu
> 
>   * CVE-2025-50952: Avoid potential undefined behaviour
>     in opj_dwt_decode_tile()
> 
> Tagged moreinfo, as question to the security team whether they want
> this in pu or as DSA.

Does not seem severe enough to make a standalone DSA. The openjpeg2
update can be addressed in the next point release in a few weeks, thus
removing the moreinfo tag.

Regards,
Salvatore
Reply to: