SUSE-SU-2017:0084-1 -- SLES jasper, libjasper1ID: oval:org.secpod.oval:def:89044889 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. - CVE-2016-9398: Invalid jasper files could lead to abort of the library caused by attacker provided image. - CVE-2016-9560: Stack-based buffer overflow in jpc_tsfb_getbands2. - CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy
Platform: |
SUSE Linux Enterprise Server 12 SP2 |