Oval Definition:oval:org.opensuse.security:def:78621
Revision Date:2017-01-08Version:1
Title:Security update for jasper (Important)
Description:



This update for jasper fixes the following issues:

- CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. (bsc#1012530) - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. (bsc#1010977) - CVE-2016-9398: Invalid jasper files could lead to abort of the library caused by attacker provided image. (bsc#1010979) - CVE-2016-9560: Stack-based buffer overflow in jpc_tsfb_getbands2. (bsc#1011830) - CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy. (bsc#1015993)
Family:unixClass:patch
Status:Reference(s):1010977
1010979
1011830
1012530
1015993
CVE-2016-8654
CVE-2016-9395
CVE-2016-9398
CVE-2016-9560
CVE-2016-9591
SUSE-SU-2017:0084-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libjasper1-1.900.14-184.1 is installed
  • OR libjasper1-32bit-1.900.14-184.1 is installed
    • BACK