Описание
Security update for jasper
This update for jasper fixes the following issues:
Security issues fixed:
- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec (bsc#1012530)
- CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment (bsc#1010977).
- CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int): Assertion 'x > 0' failed. (bsc#1010979)
- CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) (bsc#1011830)
- CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
- CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy (bsc#1015993)
- CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088)
- CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497)
- CVE-2017-5498: left-shift undefined behaviour (bsc#1020353)
- CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2017:0946-1
- E-Mail link for SUSE-SU-2017:0946-1
- SUSE Security Ratings
- SUSE Bug 1010977
- SUSE Bug 1010979
- SUSE Bug 1011830
- SUSE Bug 1012530
- SUSE Bug 1015400
- SUSE Bug 1015993
- SUSE Bug 1018088
- SUSE Bug 1020353
- SUSE Bug 1021868
- SUSE Bug 1029497
- SUSE CVE CVE-2016-10251 page
- SUSE CVE CVE-2016-8654 page
- SUSE CVE CVE-2016-9395 page
- SUSE CVE CVE-2016-9398 page
- SUSE CVE CVE-2016-9560 page
- SUSE CVE CVE-2016-9583 page
- SUSE CVE CVE-2016-9591 page
Описание
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
Затронутые продукты
Ссылки
- CVE-2016-10251
- SUSE Bug 1029497
- SUSE Bug 1178702
Описание
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
Затронутые продукты
Ссылки
- CVE-2016-8654
- SUSE Bug 1012530
- SUSE Bug 1178702
Описание
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-9395
- SUSE Bug 1010977
- SUSE Bug 1178702
Описание
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
Затронутые продукты
Ссылки
- CVE-2016-9398
- SUSE Bug 1010979
- SUSE Bug 1178702
Описание
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
Затронутые продукты
Ссылки
- CVE-2016-9560
- SUSE Bug 1011830
- SUSE Bug 1178702
Описание
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.
Затронутые продукты
Ссылки
- CVE-2016-9583
- SUSE Bug 1015400
- SUSE Bug 1178702
Описание
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
Затронутые продукты
Ссылки
- CVE-2016-9591
- SUSE Bug 1015993
- SUSE Bug 1178702
Описание
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
Затронутые продукты
Ссылки
- CVE-2016-9600
- SUSE Bug 1018088
- SUSE Bug 1178702
Описание
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
Затронутые продукты
Ссылки
- CVE-2017-5498
- SUSE Bug 1020353
- SUSE Bug 1020451
- SUSE Bug 1020456
- SUSE Bug 1020460
- SUSE Bug 1178702
Описание
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
Затронутые продукты
Ссылки
- CVE-2017-6850
- SUSE Bug 1021868
- SUSE Bug 1178702