On Mon, Sep 10, 2012 at 01:01:49PM +0200, Mathieu Malaterre wrote: > found 685970 openjpeg/1.3+dfsg-3 > found 685970 openjpeg/1.3+dfsg-4.1 > found 685970 openjpeg/1.3+dfsg-4.5 > fixed 685970 openjpeg/1.5.0-3 > thanks > > I cannot reproduce #685970 with openjpeg 1.5.0 > > $ ./bin/j2k_to_image -i test2.j2k -o test.ppm > > [ERROR] 001c4ebe: expected a marker instead of d900 > ERROR -> j2k_to_image: failed to decode image! > > and/or openjpeg from 1.5 branch: > > > $ ./bin/j2k_to_image -i test2.j2k -o test.ppm > > [WARNING] 001c4ebe: expected a marker instead of d900 > [INFO] tile 1 of 1 > [INFO] - tiers-1 took 0.032002 s > [INFO] - dwt took 0.056004 s > [WARNING] Number of components (1) is inconsistent with a MCT. Skip > the MCT step. > [INFO] - tile decoded in 0.100006 s > Generated Outfile test.ppm
A final upstream patch is now available, please apply: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3535 Also, since #681717 doesn't seem to be accepted at this point in the Wheezy freeze, please proceed with a testing-proposed-updates upload to get the security fixes into Wheezy. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
