Oval Definition:
oval:org.opensuse.security:def:75081
Revision Date
:
2020-12-01
Version
:
1
Title
:
Security update for jasper (Moderate)
Description
:
This update for jasper fixes the following issues:
- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979). - CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980). - CVE-2017-5499: Validate component depth bit (bsc#1020451). - CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456). - CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458). - CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460). - CVE-2017-14132: Fix heap base overflow in by checking components (bsc#1057152). - CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize (bsc#1088278). - CVE-2018-18873: Fix null pointer deref in ras_putdatastd (bsc#1114498). - CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms (bsc#1115637). - CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup (bsc#1117328). - CVE-2018-20570: Fix heap based buffer over-read in jp2_encode (bsc#1120807). - CVE-2018-20622: Fix memory leak in jas_malloc.c (bsc#1120805).
This update was imported from the SUSE:SLE-15:Update update project.
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1010979
1010980
1020451
1020456
1020458
1020460
1045450
1057152
1088278
1114498
1115637
1117328
1120805
1120807
1173251
CVE-2016-9398
CVE-2016-9399
CVE-2017-14132
CVE-2017-5499
CVE-2017-5503
CVE-2017-5504
CVE-2017-5505
CVE-2017-9782
CVE-2018-18873
CVE-2018-19139
CVE-2018-19543
CVE-2018-20570
CVE-2018-20622
CVE-2018-9252
CVE-2020-6509
openSUSE-SU-2020:0950-1
openSUSE-SU-2020:1523-1
Platform(s)
:
openSUSE Leap 15.2
openSUSE Leap 15.2 NonFree
Product(s)
:
Definition Synopsis
openSUSE Leap 15.2 is installed
AND
Package Information
jasper-2.0.14-lp152.7.3 is installed
OR
libjasper-devel-2.0.14-lp152.7.3 is installed
OR
libjasper4-2.0.14-lp152.7.3 is installed
OR
libjasper4-32bit-2.0.14-lp152.7.3 is installed
Definition Synopsis
openSUSE Leap 15.2 NonFree is installed
AND
opera-69.0.3686.49-lp152.2.9 is installed
BACK