ALSA-2025:7309

[ALSA-2025:7309] Moderate: openjpeg2 security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.  

Security Fix(es):  

  * openjpeg: heap buffer overflow in bin/common/color.c (CVE-2024-56826)
  * openjpeg: heap buffer overflow in lib/openjp2/j2k.c (CVE-2024-56827)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openjpeg2-tools-2.4.0-8.el9.aarch64.rpm	2ab806ee1bfb587509b3b789a1f8057974b73ca926f1f1d8cb28ea3a09901321
aarch64	openjpeg2-devel-2.4.0-8.el9.aarch64.rpm	483431c4e1c61b56e3740532c84b06b9ce46b88f18af0b7760b1decb5b5b4137
aarch64	openjpeg2-2.4.0-8.el9.aarch64.rpm	c877530b6dd2ee2868109d76861c0facabe2067d73272d7ced64cda94f8083f1
i686	openjpeg2-tools-2.4.0-8.el9.i686.rpm	03e2f42fef39d20a47a0cff1a8c32a6f7edad97d8088c31ab13ca7172d4579b6
i686	openjpeg2-devel-2.4.0-8.el9.i686.rpm	29cfa369caeb709ed65a434c815bf136d2ee8ab483cdb07694d316cad67e8c78
i686	openjpeg2-2.4.0-8.el9.i686.rpm	9f068eef7bce6b009abe58bc077c3664bcaa1846419dcc8886cec6348204e72f
ppc64le	openjpeg2-tools-2.4.0-8.el9.ppc64le.rpm	d6d204ba8011fd93546a5820574090089b5783e8fc12ed557f38178043152131
ppc64le	openjpeg2-devel-2.4.0-8.el9.ppc64le.rpm	f261fbde06a1129399816c83da503916693e2eb9964d58cfbee080ebab6d3cce
ppc64le	openjpeg2-2.4.0-8.el9.ppc64le.rpm	f44dc8cbda5cd47f0e50b347cdf9c2cbbda1eae59ed167d0459a70735e0a8455
s390x	openjpeg2-tools-2.4.0-8.el9.s390x.rpm	383699754145c277afa8fb70402b5961efa4c90ff68f496862dc237770f68ef8
s390x	openjpeg2-devel-2.4.0-8.el9.s390x.rpm	91f00cea697a4ac25cac571b19b2afb7db726544f7fa04ff6fd7d4fdb2ceb518
s390x	openjpeg2-2.4.0-8.el9.s390x.rpm	c14a86cfdfa92dbcb4e31cd74639cef0bc001115df4359220479464d02b7d579
x86_64	openjpeg2-devel-2.4.0-8.el9.x86_64.rpm	088c0265d2ea95019dcc54258139169600f0014c3fc4e202f74d44549cb4098a
x86_64	openjpeg2-tools-2.4.0-8.el9.x86_64.rpm	495e08531175beddc6e523c9621ee40a7ae19486508f41c6d5089c567d25dd53
x86_64	openjpeg2-2.4.0-8.el9.x86_64.rpm	58a5a2b4e86c20b364a80b0401d472009e3cef7299f56e81a5ea32271373da64

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.