25 matches found
Updated jasper packages fix security vulnerability
CVE-2024-31744: Fixed denial of service through assertion failure in jpcstreamlistremove...
MGASA-2024-0144 Updated jasper packages fix security vulnerability
CVE-2024-31744: Fixed denial of service through assertion failure in jpcstreamlistremove...
Updated jasper packages fix security vulnerability
Memory leak in function cmdoptsparse that can cause a crash or segmentation fault. CVE-2022-2963...
MGASA-2023-0091 Updated jasper packages fix security vulnerability
Memory leak in function cmdoptsparse that can cause a crash or segmentation fault. CVE-2022-2963...
MGASA-2021-0249 Updated jasper packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...
Updated jasper packages fix security vulnerabilities
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...
MGASA-2021-0113 Updated jasper packages fix security vulnerability
jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components CVE-2021-3272. A flaw was found in jasper. An out of bounds read issue was found in jp2decode function...
MGASA-2020-0463 Updated jasper packages fix security vulnerability
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...
MGASA-2020-0241 Updated jasper packages fix security vulnerability
Updated jasper packages fix security vulnerability: There is a reachable abort in the function jpcdecprocesssot in libjasper/jpc/jpcdec.c of JasPer 2.0.14 that will lead to a remote denial of service attack CVE-2018-9154...
Updated jasper packages fix security vulnerabilities
Heap based overflow in jasicctxtdescinput CVE-2018-19540. Heap based overread in jasimagedepalettize CVE-2018-19541...
MGASA-2019-0381 Updated jasper packages fix security vulnerabilities
Heap based overflow in jasicctxtdescinput CVE-2018-19540. Heap based overread in jasimagedepalettize CVE-2018-19541...
MGASA-2019-0167 Updated jasper packages fix security vulnerabilities
Updated jasper packages fix security vulnerabilities: The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors CVE-2016-9398. A denial of service in jp2decode CVE-2018-19542. A denial of service...
Updated jasper packages fix security vulnerabilities
Updated jasper packages fix security vulnerabilities: The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors CVE-2016-9398. A denial of service in jp2decode CVE-2018-19542. A denial of service...
MGASA-2018-0281 Updated jasper packages fix security vulnerabilities
Updated japser packages fix security vulnerabilities: An assertion failure was possible to trigger in JPCNOMINALGAIN CVE-2016-9396. Denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c could lead to denial of service CVE-2018-9055...
Updated jasper packages fix security vulnerabilities
Updated japser packages fix security vulnerabilities: An assertion failure was possible to trigger in JPCNOMINALGAIN CVE-2016-9396. Denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c could lead to denial of service CVE-2018-9055...
MGASA-2016-0298 Updated jasper packages fix security vulnerability
A double-free issue in JasPer 1.900.1 in the jasperimagestopload function can cause a denial of service if a specially crafted JPEG image is loaded CVE-2015-5203. A use-after-free which leads to double-free vulnerability was found in Jasper JPEG-2000 library, in src/libjasper/mif/mifcod.c file...
MGASA-2016-0100 Updated jasper packages fix security vulnerabilities
Updated jasper packages fix security vulnerabilities: The jasmatrixclip function in jasseq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service invalid read and application crash via a crafted JPEG 2000 image CVE-2016-2089. Jacob Baines discovered that a double free...
MGASA-2016-0059 Updated jasper packages fix CVE-2016-1867
Updated jasper packages fix security vulnerabilities: The jpcpinextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image CVE-2016-1867...
Updated jasper packages fix CVE-2016-1867
Updated jasper packages fix security vulnerabilities: The jpcpinextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image CVE-2016-1867...
[slackware-security] jasper
New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/jasper-1.900.1-i486-4slack14.1.txz: Rebuilt. Applied many security and bug fixes. Thanks to Heinz Wiesinger...