Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:1475-1

Опубликовано: 29 апр. 2022
Источник: suse-cvrf

Описание

Security update for jasper

This update for jasper fixes the following issues:

  • CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
  • CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
  • CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
  • CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105).

Список пакетов

Image SLES12-SP4-SAP-Azure-BYOS
libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-BYOS
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-On-Demand
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-EC2-SAP-BYOS
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-EC2-SAP-On-Demand
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-GCE-SAP-BYOS
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-GCE-SAP-On-Demand
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libjasper1-1.900.14-195.31.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libjasper1-1.900.14-195.31.1
SUSE Linux Enterprise Server 12 SP5
libjasper1-1.900.14-195.31.1
libjasper1-32bit-1.900.14-195.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libjasper1-1.900.14-195.31.1
libjasper1-32bit-1.900.14-195.31.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libjasper-devel-1.900.14-195.31.1

Ссылки

Описание

A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.

Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-BYOS:libjasper1-1.900.14-195.31.1
Ссылки

Описание

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.

Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-BYOS:libjasper1-1.900.14-195.31.1
Ссылки

Описание

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-BYOS:libjasper1-1.900.14-195.31.1
Ссылки

Описание

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:libjasper1-1.900.14-195.31.1
Image SLES12-SP5-Azure-SAP-BYOS:libjasper1-1.900.14-195.31.1
Ссылки