This update for jasper fixes the following issues: Security issues fixed :
CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec (bsc#1012530)
CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment (bsc#1010977).
CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int):
Assertion ‘x > 0’ failed. (bsc#1010979)
CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy (bsc#1015993)
CVE-2016-9600: NULL pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088)
CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
CVE-2017-5498: left-shift undefined behaviour (bsc#1020353)
CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:0946-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(99232);
script_version("3.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-10251", "CVE-2016-8654", "CVE-2016-9395", "CVE-2016-9398", "CVE-2016-9560", "CVE-2016-9583", "CVE-2016-9591", "CVE-2016-9600", "CVE-2017-5498", "CVE-2017-6850");
script_name(english:"SUSE SLES11 Security Update : jasper (SUSE-SU-2017:0946-1)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for jasper fixes the following issues: Security issues
fixed :
- CVE-2016-8654: Heap-based buffer overflow in QMFB code
in JPC codec (bsc#1012530)
- CVE-2016-9395: Missing sanity checks on the data in a
SIZ marker segment (bsc#1010977).
- CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int):
Assertion 'x > 0' failed. (bsc#1010979)
- CVE-2016-9560: stack-based buffer overflow in
jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
- CVE-2016-9583: Out of bounds heap read in
jpc_pi_nextpcrl() (bsc#1015400)
- CVE-2016-9591: Use-after-free on heap in
jas_matrix_destroy (bsc#1015993)
- CVE-2016-9600: NULL pointer Dereference due to missing
check for UNKNOWN color space in JP2 encoder
(bsc#1018088)
- CVE-2016-10251: Use of uninitialized value in
jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
- CVE-2017-5498: left-shift undefined behaviour
(bsc#1020353)
- CVE-2017-6850: NULL pointer dereference in
jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1010977"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1010979"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1011830"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1012530"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1015400"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1015993"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1018088"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1020353"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1021868"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1029497"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-10251/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-8654/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9395/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9398/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9560/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9583/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9591/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-9600/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-5498/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2017-6850/"
);
# https://www.suse.com/support/update/announcement/2017/suse-su-20170946-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?6076170b"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
patch sdksp4-jasper-13051=1
SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
slessp4-jasper-13051=1
SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
dbgsp4-jasper-13051=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libjasper");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/15");
script_set_attribute(attribute:"patch_publication_date", value:"2017/04/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/04/06");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libjasper-32bit-1.900.14-134.32.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libjasper-32bit-1.900.14-134.32.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"libjasper-1.900.14-134.32.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "jasper");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | libjasper | p-cpe:/a:novell:suse_linux:libjasper |
novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10251
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9395
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9398
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9560
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9591
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9600
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5498
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6850
www.nessus.org/u?6076170b
bugzilla.suse.com/show_bug.cgi?id=1010977
bugzilla.suse.com/show_bug.cgi?id=1010979
bugzilla.suse.com/show_bug.cgi?id=1011830
bugzilla.suse.com/show_bug.cgi?id=1012530
bugzilla.suse.com/show_bug.cgi?id=1015400
bugzilla.suse.com/show_bug.cgi?id=1015993
bugzilla.suse.com/show_bug.cgi?id=1018088
bugzilla.suse.com/show_bug.cgi?id=1020353
bugzilla.suse.com/show_bug.cgi?id=1021868
bugzilla.suse.com/show_bug.cgi?id=1029497
www.suse.com/security/cve/CVE-2016-10251/
www.suse.com/security/cve/CVE-2016-8654/
www.suse.com/security/cve/CVE-2016-9395/
www.suse.com/security/cve/CVE-2016-9398/
www.suse.com/security/cve/CVE-2016-9560/
www.suse.com/security/cve/CVE-2016-9583/
www.suse.com/security/cve/CVE-2016-9591/
www.suse.com/security/cve/CVE-2016-9600/
www.suse.com/security/cve/CVE-2017-5498/
www.suse.com/security/cve/CVE-2017-6850/