CVE-2016-8886 - log back

CVE-2016-8886 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A memory allocation failure was found in jas_malloc triggered by a crafted file that results in an application crash leading to denial of service.
References
+ http://seclists.org/oss-sec/2016/q4/214
+ https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c
+ https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256
Notes
+ Fixed in version 1.900.11 via commit https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256 now part of version-2.0.12