[ubuntu/trusty-security] jasper 1.900.1-14ubuntu3.5 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jun 27 17:17:08 UTC 2018


jasper (1.900.1-14ubuntu3.5) trusty-security; urgency=medium

  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

Date: 2018-06-27 15:17:13.285778+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/jasper/1.900.1-14ubuntu3.5
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list