Univention Bugzilla – Bug 48451
jasper: Multiple issues (4.2)
Last modified: 2019-01-16 13:40:08 CET
New Debian jasper 1.900.1-debian1-2.4+deb8u5 fixes: This update addresses the following issues: * heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c (CVE-2018-19541) * access violation in jas_image_readcmpt in libjasper/base/jas_image.c (CVE-2018-19539) * DoS when converting to jp2 (CVE-2018-20584) * heap-based buffer overflow of size 1 in jas_icctxtdesc_input in libjasper/base/jas_icc.c (CVE-2018-19540) * invalid access in jp2_decode in libjasper/jp2/jp2_dec.c (CVE-2018-19542) * memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c (CVE-2018-19139) * NULL pointer dereference in ras_putdatastd function (CVE-2018-18873) * memory leak in base/jas_malloc.c in libjasper.a (CVE-2018-20622) * heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c (CVE-2018-20570)
--- mirror/ftp/4.2/unmaintained/component/4.2-5-errata/source/jasper_1.900.1-debian1-2.4+deb8u4.dsc +++ apt/ucs_4.2-0-errata4.2-5/source/jasper_1.900.1-debian1-2.4+deb8u5.dsc @@ -1,3 +1,13 @@ +1.900.1-debian1-2.4+deb8u5 [Wed, 02 Jan 2019 22:59:23 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2018-18873, CVE-2018-19139, CVE-2018-19539, CVE-2018-19540, + CVE-2018-19541, CVE-2018-19542, CVE-2018-20570, CVE-2018-20584 and + CVE-2018-20622. + * Multiple issues were found in the JasPer JPEG-2000 library that could lead + to a denial-of-service (application crash), memory leaks and potentially + the execution of arbitrary code if a malformed image file is processed. + 1.900.1-debian1-2.4+deb8u4 [Fri, 16 Nov 2018 18:44:08 +0100] Markus Koschany <apo@debian.org>: * Non-maintainer upload by the LTS team. <http://10.200.17.11/4.2-5/#7563754712528245867>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.2-5] bed3186998 Bug #48451: jasper_1.900.1-debian1-2.4+deb8u5 doc/errata/staging/jasper.yaml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+)
<http://errata.software-univention.de/ucs/4.2/576.html>