CVE-2016-8690 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A null pointer dereference vulnerability was found in bmp_getdata triggered by invoking imginfo command on specially crafted BMP image.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-14	jasper	1.900.1-15	1.900.31-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
07 Dec 2016	ASA-201612-9	AVG-14	jasper	Critical	multiple issues

References
http://www.openwall.com/lists/oss-security/2016/10/16/14 https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/ https://github.com/mdadams/jasper/commit/8f62b4761711d036fd8964df256b938c809b7fca

References

http://www.openwall.com/lists/oss-security/2016/10/16/14
https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
https://github.com/mdadams/jasper/commit/8f62b4761711d036fd8964df256b938c809b7fca