[ubuntu/lucid-security] jasper 1.900.1-7ubuntu0.10.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Dec 20 15:03:44 UTC 2011 

jasper (1.900.1-7ubuntu0.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - src/libjasper/jpc/jpc_cs.c: validate compparms->numrlvls and allocate
      proper size in src/libjasper/jpc/jpc_cs.c.
    - Thanks to Red Hat for the patch
    - CVE-2011-4516
    - CVE-2011-4517

Date: Mon, 19 Dec 2011 10:48:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/jasper/1.900.1-7ubuntu0.10.04.1
-------------- next part --------------
Format: 1.8
Date: Mon, 19 Dec 2011 10:48:41 -0500
Source: jasper
Binary: libjasper1 libjasper-dev libjasper-runtime
Architecture: source
Version: 1.900.1-7ubuntu0.10.04.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libjasper-dev - Development files for the JasPer JPEG-2000 library
 libjasper-runtime - Programs for manipulating JPEG-2000 files
 libjasper1 - The JasPer JPEG-2000 runtime library
Changes: 
 jasper (1.900.1-7ubuntu0.10.04.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     heap-based buffer overflows.
     - src/libjasper/jpc/jpc_cs.c: validate compparms->numrlvls and allocate
       proper size in src/libjasper/jpc/jpc_cs.c.
     - Thanks to Red Hat for the patch
     - CVE-2011-4516
     - CVE-2011-4517
Checksums-Sha1: 
 a12b0f779008925c5d9163f3c74e0f5b247e0586 1834 jasper_1.900.1-7ubuntu0.10.04.1.dsc
 ee479b9911782476f29217ebbae4e8ce25d14938 52653 jasper_1.900.1-7ubuntu0.10.04.1.diff.gz
Checksums-Sha256: 
 9e7da7392eaeced3e13c31c005ad6449b6b13ffb6cbdc082e1b12139c9f490e5 1834 jasper_1.900.1-7ubuntu0.10.04.1.dsc
 a4b493378ec39b6ebbfe24f65bd07f21616fe567ef959f6134e8c8813ad9e584 52653 jasper_1.900.1-7ubuntu0.10.04.1.diff.gz
Files: 
 f1f7595f7a2c567ab600190dcde8684a 1834 graphics optional jasper_1.900.1-7ubuntu0.10.04.1.dsc
 50023bf647b6e8fc94c21fbaf0106acb 52653 graphics optional jasper_1.900.1-7ubuntu0.10.04.1.diff.gz
Original-Maintainer: Roland Stigge <stigge at antcom.de>

More information about the Lucid-changes mailing list