CVE-2016-8690 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A null pointer dereference vulnerability was found in bmp_getdata triggered by invoking imginfo command on specially crafted BMP image.
Group Package Affected Fixed Severity Status Ticket
AVG-14 jasper 1.900.1-15 1.900.31-1 Critical Fixed
Date Advisory Group Package Severity Description
07 Dec 2016 ASA-201612-9 AVG-14 jasper Critical multiple issues
References
http://www.openwall.com/lists/oss-security/2016/10/16/14
https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
https://github.com/mdadams/jasper/commit/8f62b4761711d036fd8964df256b938c809b7fca