Download
| Alert*
oval:org.secpod.oval:def:89044852
This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec - CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment . - CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2: Assertion "x 0" failed. - ... oval:org.secpod.oval:def:89044759 This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder - CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl - CVE-2017-5498: left-shift undefined behaviour - CVE-20 ... |