Oval Definition:oval:org.opensuse.security:def:81362
Revision Date:2017-04-06Version:1
Title:Security update for jasper (Moderate)
Description:



This update for jasper fixes the following issues:

Security issues fixed: - CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder (bsc#1018088) - CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) (bsc#1029497) - CVE-2017-5498: left-shift undefined behaviour (bsc#1020353) - CVE-2017-6850: NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868) - CVE-2016-9583: Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400)
Family:unixClass:patch
Status:Reference(s):1015400
1018088
1020353
1021868
1029497
CVE-2016-10251
CVE-2016-9583
CVE-2016-9600
CVE-2017-5498
CVE-2017-6850
SUSE-SU-2017:0953-1
Platform(s):SUSE Linux Enterprise Server 12 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libjasper1-1.900.14-194.1 is installed
  • OR libjasper1-32bit-1.900.14-194.1 is installed
    • BACK