fix CVE-2025-54874: OOB heap memory write (RHEL-107568)

Resolves: RHEL-107568

openjpeg2-2.5.2-pr1753.diff

@@ -0,0 +1,13 @@
+diff --git a/src/lib/openjp2/jp2.c b/src/lib/openjp2/jp2.c
+index 4df055a54..da5063186 100644
+--- a/src/lib/openjp2/jp2.c
++++ b/src/lib/openjp2/jp2.c
+@@ -2873,7 +2873,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream,
+                               p_image,
+                               p_manager);
+ 
+-    if (p_image && *p_image) {
++    if (ret && p_image && *p_image) {
+         /* Set Image Color Space */
+         if (jp2->enumcs == 16) {
+             (*p_image)->color_space = OPJ_CLRSPC_SRGB;

openjpeg2.spec

@@ -14,7 +14,7 @@
 
 Name:           openjpeg2
 Version:        2.5.2
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        C-Library for JPEG 2000
 
 # windirent.h is MIT, the rest is BSD
@@ -30,7 +30,8 @@ Source1:        data.tar.xz
 Patch0:         openjpeg2_opj2.patch
 Patch1:         openjpeg2-2.5.2-cve-2024-56826.patch
 Patch2:         openjpeg2-2.5.2-cve-2024-56827.patch
-
+# from upstream, for <= 2.5.3, RHEL-107568, CVE-2025-54784
+Patch3:         openjpeg2-2.5.2-pr1753.diff
 
 BuildRequires:  cmake
 BuildRequires:  doxygen
@@ -443,6 +444,9 @@ rm -rf %{buildroot}%{mingw64_datadir}/doc
 
 
 %changelog
+* Mon Aug 11 2025 Michal Hlavinka <mhlavink@redhat.com> - 2.5.2-5
+- fix CVE-2025-54874: OOB heap memory write (RHEL-107568)
+
 * Thu Jan 23 2025 Michal Hlavinka <mhlavink@redhat.com> - 2.5.2-4
 - fix two heap buffer overflows CVE-2024-56826 and CVE-2024-52827 (RHEL-72518,RHEL-72520)