| Revision Date: | 2015-02-02 | Version: | 1 |
| Title: | Security update for jasper (Moderate) |
| Description: |
jasper was updated to fix two security issues.
These security issues were fixed: - CVE-2014-8157: Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow (bnc#911837). CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image (bnc#911837).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 911837
CVE-2014-8157
CVE-2014-8158
SUSE-SU-2015:0288-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed AND Package Information
libjasper1-1.900.1-170.1 is installed
OR libjasper1-32bit-1.900.1-170.1 is installed
|