jasper 1.900.1-5ubuntu0.1 source package in Ubuntu
Changelog
jasper (1.900.1-5ubuntu0.1) intrepid-security; urgency=low
* SECURITY UPDATE: integer overflows via integer multiplication for
memory allocation
- debian/patches/02_security_CVE-2008-3520-3521-3522.dpatch: introduce
new size-checked allocation functions, and use them everywhere.
- CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
- debian/patches/02_security_CVE-2008-3520-3521-3522.dpatch: use
mkstemp() in src/libjasper/base/jas_stream.c.
- CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
- debian/patches/02_security_CVE-2008-3520-3521-3522.dpatch: use
vsnprintf() in src/libjasper/base/jas_stream.c.
- CVE-2008-3522
-- Marc Deslauriers <email address hidden> Wed, 18 Mar 2009 11:03:55 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Intrepid
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- graphics
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| jasper_1.900.1.orig.tar.gz | 1.1 MiB | 6cf104e2811f6088ca1dc76d87dd27c55178d3ccced20db8858d28ae22911a94 |
| jasper_1.900.1-5ubuntu0.1.diff.gz | 51.5 KiB | 2c1bce08d55238109bfec5bbc815a402bd128db31b4c0cf492ad28470d0e26c5 |
| jasper_1.900.1-5ubuntu0.1.dsc | 1.2 KiB | 32b00fc8f5ea90d40972bb1e76dc28ebb01783da70a8a206c100db22d58a4779 |
Available diffs
Binary packages built by this source
- libjasper-dev: No summary available for libjasper-dev in ubuntu intrepid.
No description available for libjasper-dev in ubuntu intrepid.
- libjasper-runtime: No summary available for libjasper-runtime in ubuntu intrepid.
No description available for libjasper-runtime in ubuntu intrepid.
- libjasper1: No summary available for libjasper1 in ubuntu intrepid.
No description available for libjasper1 in ubuntu intrepid.
