AVG-69 log
| Package | jasper |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.0.10-1 |
| Fixed | 2.0.12-1 |
| Current | 4.2.8-1 [extra] |
| Ticket | None |
| Created | Sat Nov 12 14:12:21 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-9591 | High | Yes | Arbitrary code execution | A heap-use-after-free vulnerability has been found in jasper. The vulnerability exists in code responsible for re-encoding the decoded input image file to a... |
| CVE-2016-8886 | Medium | Yes | Denial of service | A memory allocation failure was found in jas_malloc triggered by a crafted file that results in an application crash leading to denial of service. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 14 Mar 2017 | ASA-201703-9 | jasper | multiple issues |