Описание
Security update for jasper
This update for jasper to version 1.900.14 fixes several issues.
These security issues were fixed:
- CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836)
- CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599)
- CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009)
- CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598)
- CVE-2016-8882: segfault / null pointer access in jpc_pi_destroy (bsc#1006597)
- CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593)
- CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591)
- CVE-2016-8693 Double free vulnerability in mem_close (bsc#1005242)
- CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090)
- CVE-2016-8690: Null pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084)
- CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373)
- CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983)
- CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886)
- CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553).
- CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919)
- CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410)
- jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) (bsc#1006839)
For additional change description please have a look at the changelog.
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
Ссылки
- Link for SUSE-SU-2016:2775-1
- E-Mail link for SUSE-SU-2016:2775-1
- SUSE Security Ratings
- SUSE Bug 1005084
- SUSE Bug 1005090
- SUSE Bug 1005242
- SUSE Bug 1006591
- SUSE Bug 1006593
- SUSE Bug 1006597
- SUSE Bug 1006598
- SUSE Bug 1006599
- SUSE Bug 1006836
- SUSE Bug 1006839
- SUSE Bug 1007009
- SUSE Bug 392410
- SUSE Bug 941919
- SUSE Bug 942553
- SUSE Bug 961886
- SUSE Bug 963983
- SUSE Bug 968373
Описание
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Затронутые продукты
Ссылки
- CVE-2008-3522
- SUSE Bug 1178702
- SUSE Bug 392410
Описание
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
Затронутые продукты
Ссылки
- CVE-2014-8158
- SUSE Bug 1178702
- SUSE Bug 911837
- SUSE Bug 969776
Описание
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
Затронутые продукты
Ссылки
- CVE-2015-5203
- SUSE Bug 1178702
- SUSE Bug 941919
- SUSE Bug 942553
Описание
Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
Затронутые продукты
Ссылки
- CVE-2015-5221
- SUSE Bug 1178702
- SUSE Bug 942553
Описание
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.
Затронутые продукты
Ссылки
- CVE-2016-1577
- SUSE Bug 1178702
- SUSE Bug 968373
Описание
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Затронутые продукты
Ссылки
- CVE-2016-1867
- SUSE Bug 1178702
- SUSE Bug 961886
Описание
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.
Затронутые продукты
Ссылки
- CVE-2016-2089
- SUSE Bug 1178702
- SUSE Bug 963983
Описание
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Затронутые продукты
Ссылки
- CVE-2016-2116
- SUSE Bug 1178702
- SUSE Bug 968373
Описание
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
Затронутые продукты
Ссылки
- CVE-2016-8690
- SUSE Bug 1005084
- SUSE Bug 1007009
- SUSE Bug 1178702
Описание
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
Затронутые продукты
Ссылки
- CVE-2016-8691
- SUSE Bug 1005090
- SUSE Bug 1178702
Описание
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
Затронутые продукты
Ссылки
- CVE-2016-8692
- SUSE Bug 1005090
- SUSE Bug 1178702
Описание
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Затронутые продукты
Ссылки
- CVE-2016-8693
- SUSE Bug 1005242
- SUSE Bug 1178702
Описание
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4516. Reason: This candidate is a duplicate of CVE-2011-4516. Notes: All CVE users should reference CVE-2011-4516 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Затронутые продукты
Ссылки
- CVE-2016-8880
- SUSE Bug 1006591
- SUSE Bug 1178702
Описание
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Затронутые продукты
Ссылки
- CVE-2016-8881
- SUSE Bug 1006593
- SUSE Bug 1178702
Описание
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-8882
- SUSE Bug 1006597
- SUSE Bug 1178702
Описание
The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-8883
- SUSE Bug 1006598
- SUSE Bug 1178702
Описание
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.
Затронутые продукты
Ссылки
- CVE-2016-8884
- SUSE Bug 1005084
- SUSE Bug 1007009
- SUSE Bug 1178702
Описание
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
Затронутые продукты
Ссылки
- CVE-2016-8885
- SUSE Bug 1005084
- SUSE Bug 1007009
- SUSE Bug 1178702
Описание
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure.
Затронутые продукты
Ссылки
- CVE-2016-8886
- SUSE Bug 1006599
- SUSE Bug 1178702
Описание
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
Затронутые продукты
Ссылки
- CVE-2016-8887
- SUSE Bug 1006836
- SUSE Bug 1006839
- SUSE Bug 1178702