Package: openjpeg2 / 2.1.0-2+deb8u3

Metadata

Package: openjpeg2
Version: 2.1.0-2+deb8u3
Patches format: 3.0 (quilt)

Patch series

Patch | File delta | Description
fix_typos.patch

doc/man/man1/opj_compress.1 | 40 20 + 20 - 0 !
doc/man/man1/opj_decompress.1 | 10 5 + 5 - 0 !
doc/man/man1/opj_dump.1 | 10 5 + 5 - 0 !
src/bin/jp2/opj_compress.c | 6 3 + 3 - 0 !
4 files changed, 33 insertions(+), 33 deletions(-)

 fix minor typos reported by lintian

multiarch_path.patch

cmake/OpenJPEGConfig.cmake.in | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 upstream did not handle multi-arch installation path
 It naively assumed the include location to be two levels above the lib
 installation.

CVE 2015 6581.patch

src/lib/openjp2/j2k.c | 9 9 + 0 - 0 !
1 file changed, 9 insertions(+)

---
CVE 2015 8871.patch

src/lib/openjp2/j2k.c | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

---
CVE 2016 1924.patch

src/lib/openjp2/j2k.c | 3 3 + 0 - 0 !
src/lib/openjp2/t2.c | 8 6 + 2 - 0 !
2 files changed, 9 insertions(+), 2 deletions(-)

---
CVE 2016 7163.patch

src/lib/openjp2/pi.c | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

---
CVE 2016 5159.patch

src/lib/openjp2/dwt.c | 38 33 + 5 - 0 !
src/lib/openjp2/pi.c | 4 2 + 2 - 0 !
src/lib/openjp2/t1.c | 85 72 + 13 - 0 !
3 files changed, 107 insertions(+), 20 deletions(-)

---
CVE 2016 8332.patch

src/lib/openjp2/j2k.c | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 [patch] fix incrementing of "l_tcp->m_nb_mcc_records" in
 opj_j2k_read_mcc (#820)


CVE 2016 9572_CVE 2016 9573.patch

src/bin/jp2/convert.c | 59 53 + 6 - 0 !
src/lib/openjp2/j2k.c | 9 7 + 2 - 0 !
2 files changed, 60 insertions(+), 8 deletions(-)

---
c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch

src/bin/jp2/convert.c | 10 10 + 0 - 0 !
src/lib/openjp2/image.c | 8 7 + 1 - 0 !
2 files changed, 17 insertions(+), 1 deletion(-)

 [patch] avoid heap buffer overflow in function pnmtoimage of
 convert.c, and unsigned integer overflow in opj_image_create()
 (CVE-2016-9118, #861)


3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch

src/lib/openjp2/j2k.c | 4 4 + 0 - 0 !
src/lib/openjp2/tcd.c | 16 14 + 2 - 0 !
2 files changed, 18 insertions(+), 2 deletions(-)

 [patch] opj_tcd_get_decoded_tile_size(): fix potential uint32
 overflow (#854, CVE-2016-5152)

Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch

11445eddad7e7fa5b273d1c83c91011c44e5d586.patch

src/lib/openjp2/pi.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 [patch] opj_pi_update_decode_poc(): limit layno1 to the number of
 layers (CVE-2016-1626 and CVE-2016-1628, #850)

This has been recently fixed in a less elegant way per
80818c39f5bfbac37768fcee95b0ffeceaa77264

CVE 2017 14039.patch

src/lib/openjp2/j2k.c | 20 16 + 4 - 0 !
1 file changed, 16 insertions(+), 4 deletions(-)

 mix of
 4241ae6fbbf1de9658764a80944dc8108f2b4154
 and
 c535531f03369623b9b833ef41952c62257b507e (partial)

2cd30c2b06ce332dede81cccad8b334cde997281.patch

src/bin/jp2/convert.c | 42 28 + 14 - 0 !
1 file changed, 28 insertions(+), 14 deletions(-)

 [patch] tgatoimage(): avoid excessive memory allocation attempt, and
 fixes unaligned load (#995)


e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch

src/bin/jp2/convert.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 [patch] pgxtoimage(): fix write stack buffer overflow (#997)


dcac91b8c72f743bda7dbfa9032356bc8110098a.patch

src/lib/openjp2/j2k.c | 24 20 + 4 - 0 !
1 file changed, 20 insertions(+), 4 deletions(-)

 [patch] opj_j2k_write_sot(): fix potential write heap buffer overflow
 (#991)


CVE 2016 5157.patch

src/lib/openjp2/tcd.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 <short summary of the patch>
 TODO: Put a short summary on the line above and replace this paragraph
 with a longer explanation of this change. Complete the meta-information
 with other relevant fields (see below for details). To make it easier, the
 information below has been extracted from the changelog. Adjust it or drop
 it.
 .
 openjpeg2 (2.1.0-2+deb8u3) jessie-security; urgency=medium
 .
   * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch
   * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch
   * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch
   * CVE-2016-10504: not needed
   * CVE-2017-14039: CVE-2017-14039.patch
   * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
   * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
   * CVE-2017-14151: not needed
   * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch