Ubuntu
jasper package

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1547865
Comment #11

Comment 11 for bug 1547865

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-03:

#11

This bug was fixed in the package jasper - 1.900.1-14ubuntu3.3

---------------
jasper (1.900.1-14ubuntu3.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

-- Tyler Hicks <email address hidden> Fri, 26 Feb 2016 00:07:11 -0600

Ubuntujasper package

Comment 11 for bug 1547865

Ubuntu
jasper package