[ubuntu/precise] jasper 1.900.1-12ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Dec 19 16:00:19 UTC 2011
jasper (1.900.1-12ubuntu1) precise; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
heap-based buffer overflows.
- debian/patches/03-CVE-2011-451x.patch: validate compparms->numrlvls
and allocate proper size in src/libjasper/jpc/jpc_cs.c.
- CVE-2011-4516
- CVE-2011-4517
Date: Mon, 19 Dec 2011 09:36:08 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/jasper/1.900.1-12ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 19 Dec 2011 09:36:08 -0500
Source: jasper
Binary: libjasper1 libjasper-dev libjasper-runtime
Architecture: source
Version: 1.900.1-12ubuntu1
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libjasper-dev - Development files for the JasPer JPEG-2000 library
libjasper-runtime - Programs for manipulating JPEG-2000 files
libjasper1 - JasPer JPEG-2000 runtime library
Changes:
jasper (1.900.1-12ubuntu1) precise; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
heap-based buffer overflows.
- debian/patches/03-CVE-2011-451x.patch: validate compparms->numrlvls
and allocate proper size in src/libjasper/jpc/jpc_cs.c.
- CVE-2011-4516
- CVE-2011-4517
Checksums-Sha1:
4e34c1532dcf879a5de6da63d862554db730d409 1974 jasper_1.900.1-12ubuntu1.dsc
c7783452606dff8235d6a0fe86219435b8b8c6d3 31441 jasper_1.900.1-12ubuntu1.debian.tar.gz
Checksums-Sha256:
478ead95ac52e83f1e39c4c3780aa318266fea2facab9e1448799b5fd860dcef 1974 jasper_1.900.1-12ubuntu1.dsc
a753f7ac2b4b4868c161b960f431d0bcd401264ed8f038c0105e4fe9f2b56c59 31441 jasper_1.900.1-12ubuntu1.debian.tar.gz
Files:
e4cb89ac9e8751003bb7d5d07fac1102 1974 graphics optional jasper_1.900.1-12ubuntu1.dsc
5ead95875060331c3817c23e78b95254 31441 graphics optional jasper_1.900.1-12ubuntu1.debian.tar.gz
Original-Maintainer: Roland Stigge <stigge at antcom.de>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJO711IAAoJEGVp2FWnRL6T84QP/1iua5x7K6TQ7AJS/zdqm9oi
ph6Gzowqm3a+ehmVudlaPPAHzqWO6oqp7mBz3psYtvwZApH3EslaztATLOZggGbI
i4Aoq03gFTOMrp7lIJ5nayzIuZCGLJflNTKhmXxSjGeNpFt3MpqG2fZnmDGONe+t
HLGdh/c1BdXRQcLthIo2LKGdXZlf76jv0jfdmFh7jnRlZ53nPeOExDIzmqKKQkL9
V/YeOErggvaMCWk2jUrAFO9Nc48Yn6RM3xZ9ufMNlvygxhD+0+h9sBg/2zdD/70T
qhjoTuWPcRqvMjr/zOofnLtvhIXhnpzDhYnk6YKEZaCFZwXcWRkEQG3ok74V08V2
qo8/1/X5VhAOANVdzTaAW4bWiJULb6hhkSst6QgTRGj7REWl3D1dPuBbWeC2CAUC
X88U3riIp6FItbNujFQjkAoT+iPnjj4dZlPRU10N665QLebKZTk8GVUE8PSHBVOg
Sp1qToutlsuU54LymDZZ+JEqP/RT57cd16DS/iAEV+V6+xvwxpMODsD832Xh1AGW
yim4YLP7qGXnlmgjwIlfZNmCVkAMcSrUEcOpfK39JQ4g/y4VzpaiO9xuAHYn+UQc
ymFgRjMySAXiAVtIzSuLFqT+DgNydDkvKHxsDtwcLwgMcp13bpLXS9dSlEzVcncl
qFPBsXFCUW05Sxb6fIp2
=glm8
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list