Oval Definition:
oval:org.opensuse.security:def:69025
Revision Date
:
2020-12-01
Version
:
1
Title
:
Security update for jasper (Moderate)
Description
:
This update for jasper fixes the following issues:
- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979). - CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980). - CVE-2017-5499: Validate component depth bit (bsc#1020451). - CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456). - CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458). - CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460). - CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152). - CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278). - CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498). - CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637). - CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328). - CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807). - CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1010979
1010980
1020451
1020456
1020458
1020460
1045450
1057152
1088278
1114498
1115637
1117328
1120805
1120807
1140844
1152990
1152992
1152994
1152995
1162396
1164804
CVE-2012-6708
CVE-2015-9251
CVE-2016-9398
CVE-2016-9399
CVE-2017-14132
CVE-2017-5499
CVE-2017-5503
CVE-2017-5504
CVE-2017-5505
CVE-2017-9782
CVE-2018-18873
CVE-2018-19139
CVE-2018-19543
CVE-2018-20570
CVE-2018-20622
CVE-2018-9252
CVE-2019-15845
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
CVE-2020-8130
SUSE-SU-2020:0737-1
Platform(s)
:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND
Package Information
jasper-2.0.14-3.16 is installed
OR
libjasper4-32bit-2.0.14-3.16 is installed
BACK