openjpeg2 (2.5.0-2ubuntu0.4) noble-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2025-50952.patch: Add a check to avoid null pointer
dereference in src/lib/openjp2/dwt.c.
- CVE-2025-50952
-- Edwin Jiang <edwin.jiang@canonical.com> Wed, 17 Sep 2025 15:10:22 +0000
openjpeg2 (2.5.0-2ubuntu0.3) noble-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow.
- debian/patches/CVE-2024-56826.patch: Add comp12w variable and
comparisons in src/bin/common/color.c.
- debian/patches/CVE-2024-56827.patch: Add l_current_tile_part comparison
to check again total number of tile parts in src/bin/openjp2/j2k.c.
- CVE-2024-56826
- CVE-2024-56827
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Tue, 21 Jan 2025 11:57:35 -0330
openjpeg2 (2.5.0-2ubuntu0.2) noble-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow
- debian/patches/CVE-2021-3575.patch: opj_decompress: fix off-by-one
read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd
- CVE-2021-3575
-- Bruce Cable <bruce.cable@canonical.com> Tue, 22 Oct 2024 14:53:32 +1100
openjpeg2 (2.5.0-2ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: resource consumption loop
- debian/patches/CVE-2023-39327.patch: when EPH markers are specified,
they are required
- CVE-2023-39327
-- Bruce Cable <bruce.cable@canonical.com> Wed, 25 Sep 2024 12:59:53 +1000
openjpeg2 (2.5.0-2build3) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 06:41:24 +0000
openjpeg2 (2.5.0-2build2) noble; urgency=medium
* No-change rebuild against libcurl3t64-gnutls
-- Steve Langasek <steve.langasek@ubuntu.com> Sat, 16 Mar 2024 07:14:29 +0000
openjpeg2 (2.5.0-2build1) noble; urgency=medium
* No-change rebuild against libpng16-16t64
-- Steve Langasek <steve.langasek@ubuntu.com> Thu, 29 Feb 2024 07:40:22 +0000
openjpeg2 (2.5.0-2) unstable; urgency=medium
* Team upload.
* Fix broken symlink, actually install jar. Closes: #1036584
-- Andreas Metzler <ametzler@debian.org> Fri, 26 May 2023 12:16:24 +0200
openjpeg2 (2.5.0-1) unstable; urgency=medium
* New upstream version 2.5.0
* d/control: Upstream has removed JP3D support
* d/patches: Refresh patches (removed those applied upstream)
* d/rules: Update rules to 2.5 location
* d/control: Update Std-Vers to 4.6.1 no changes needed
-- Mathieu Malaterre <malat@debian.org> Mon, 20 Jun 2022 16:05:24 +0200
openjpeg2 (2.4.0-6) unstable; urgency=medium
* d/copyright: Remove lintian error duplicate-globbing-patterns
* d/rules: Do not install *.so symlinks for jp3d/jpip. Closes: #1003807
-- Mathieu Malaterre <malat@debian.org> Mon, 17 Jan 2022 08:07:17 +0100
openjpeg2 (2.4.0-5) unstable; urgency=medium
* d/patches: Make sure to always install manpages
* d/control: Incoporate suggestion from Multiarch hinter
-- Mathieu Malaterre <malat@debian.org> Fri, 14 Jan 2022 16:18:56 +0100
openjpeg2 (2.4.0-4) unstable; urgency=medium
* d/patches: Fix integer overflow in num_images. Closes: #987276
* d/control: Bump Std-Vers to 4.6.0 no changes needed
* d/control: Add openjpeg-doc package for install HTML documentation
-- Mathieu Malaterre <malat@debian.org> Fri, 14 Jan 2022 10:04:50 +0100
openjpeg2 (2.4.0-3) unstable; urgency=medium
[ Sebastien Bacher ]
* d/rules: exclude the correct binary on Ubuntu/i386
[ Debian Janitor ]
* Use secure copyright file specification URI.
* Use secure URI in Homepage field.
* Bump debhelper from deprecated 9 to 12. + debian/rules: Rely on default use of dh_missing rather than using dh_install --list-missing.
* Set debhelper-compat version in Build-Depends.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse.
* Fix field name typo in debian/copyright (Comments => Comment).
* Remove listed license files (LICENSE) from copyright.
* Drop unnecessary dh arguments: --parallel
* Remove unnecessary get-orig-source-target.
-- Mathieu Malaterre <malat@debian.org> Tue, 09 Feb 2021 17:10:52 +0100
openjpeg2 (2.4.0-2) unstable; urgency=medium
[ Mathieu Malaterre ]
* d/patches: Properly fix opj_free vs free usage
* d/patches: Fix compilation issue for the viewer
* d/control: Update Std-Vers to 4.5.1 no changes needed
* d/control: Run wrap-and-sort for cleanup
[ Steve Langasek ]
* d/rules: omit libopenjpip-server on Ubuntu/i386. Closes: #948377
[ Tom Hughes ]
* d/rules: Add static library to libopenjp2-7-dev. Closes: #962363
-- Mathieu Malaterre <malat@debian.org> Mon, 08 Feb 2021 08:32:32 +0100
openjpeg2 (2.4.0-1) unstable; urgency=medium
* New upstream version 2.4.0
* d/patches: Refresh patch for 2.4.0 release
* d/patches: Prevent a compilation failure about missing opj_free symbol
* d/symbols: Add new 2.4.0 symbol
* d/rules: Update build for 2.4.0 release
-- Mathieu Malaterre <malat@debian.org> Wed, 27 Jan 2021 15:30:45 +0100
openjpeg2 (2.3.1-1) unstable; urgency=medium
* New upstream release, addressing following security issues:
- CVE-2018-20847 (Closes: #931294)
- CVE-2018-21010 (Closes: #939553)
- CVE-2018-5727 (Closes: #888532)
* Remove following patches, applied upstream:
- CVE-2017-17480.patch
- CVE-2018-14423.patch
- CVE-2018-18088.patch
- CVE-2018-5785.patch
- CVE-2018-6616.patch
* Remove debian/patches/multiarch_path.patch:
- useless since latest upstream changes.
* Bump Standards-Version to 4.4.1.
* Refresh and rework manpages.
* Remove debian/README.source (Closes: #846390).
-- Hugo Lefeuvre <hle@debian.org> Mon, 07 Oct 2019 13:46:43 +0200
openjpeg2 (2.3.0-3) unstable; urgency=medium
[ Helmut Grohne ]
* Demote java dependencies to Build-Depends-Indep. (Closes: #870644)
[ Mathieu Malaterre ]
* debian/control: update URLs to new salsa location
-- Mathieu Malaterre <malat@debian.org> Mon, 30 Sep 2019 15:17:58 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libopenjp2-7`.
Generated by dwww version 1.16 on Sat Dec 13 16:15:59 CET 2025.