CVE-2019-6988, CVE-2018-20846 and CVE-2018-16376

[stnert]

1. An issue has been discovered in OpenJPEG 2.4.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) -> Type: Denial of service

2. Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG -> Type: Denial of service

3. An issue was discovered in OpenJPEG 2.4.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. -> Type: Arbitrary code execution

Any forecast for correction?

[rouault]

1. An issue has been discovered in OpenJPEG 2.4.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation)   -> Type: Denial of service

Duplicate of #1178

• Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG -> Type: Denial of service

• An issue was discovered in OpenJPEG 2.4.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. -> Type: Arbitrary code execution

No longer relevant since #1350