OVMSA-2015-0006 - jasper security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2015-01-23 |
Description
[1.900.1-16.3]
- CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot() (#1183671)
- CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183679)
[1.900.1-16.2]
- CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173566)
- CVE-2014-8138 - heap overflow in jp2_decode (#1173566)
[1.900.1-16.1]
- CVE-2014-9029 - incorrect component number check in COC, RGN and QCC
marker segment decoders (#1171208)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | jasper-1.900.1-16.el6_6.3.src.rpm | e3183e630f463de39183f1fb6bee8686b201e415226c83d83a66dd7ec95e90e9 | OVMSA-2017-0102 | ovm3_x86_64_3.3_patch |
| jasper-libs-1.900.1-16.el6_6.3.x86_64.rpm | b841abd34e62def7c7ec0e992b0eaa1f06e4dfe5fadc315e47efbc8591b40707 | OVMSA-2017-0102 | ovm3_x86_64_3.3_patch |
|
| Oracle VM 3.4 (x86_64) | jasper-1.900.1-16.el6_6.3.src.rpm | e3183e630f463de39183f1fb6bee8686b201e415226c83d83a66dd7ec95e90e9 | OVMSA-2017-0102 | ovm34_x86_64_latest |
| jasper-libs-1.900.1-16.el6_6.3.x86_64.rpm | b841abd34e62def7c7ec0e992b0eaa1f06e4dfe5fadc315e47efbc8591b40707 | OVMSA-2017-0102 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
