openSUSE 16 Security Update : jasper (openSUSE-SU-2026:20138-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20138-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently hig...

Security update for jasper

This update for jasper fixes the following issues: Update to 4.2.8: CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. CVE-2025-8836: Added some missing range checking on several coding parameters in the JPC...

SUSE CVE-2017-13751

There is a reachable assertion abort in the function calcstepsizes in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack...

jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder

An out-of-bounds heap read vulnerability was found in the jpcpinextpcrl function of jasper before 2.0.6 when processing crafted input...