[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 101-1] jasper security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : jasper
Version        : 1.900.1-7+squeeze2
CVE ID         : CVE-2014-9029

Josh Duart of the Google Security Team discovered heap-based buffer
overflow flaws in JasPer, a library for manipulating JPEG-2000 files,
which could lead to denial of service (application crash) or the
execution of arbitrary code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUgvjiXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHweIP/AwBfAdhGDX+KFAKgkspAuaz
xGGA46+akJKMZJGxNQgXTz/CuRcncbi96xJ8nsBB+hgd83LpuULMRpWpLHiwkUzr
rdctRGNyfLkJsNIf0LpxsPYLilV4nZi+QbJkIo8inbpnt8aOOprgSRvgwYwwlT06
K+2F74sfWeC8zACkO+z8u04Dgj0kjEk5Fq3Xz63uyVg1nqemiD5FDWjNltkhdOWa
sAwtw+52dTjeo17PLWjN4+bVH8OyIvTv0y8XItuTPzoIwxJU6DoBoaGxJL8cNEtq
Yr4IM6qpNOuANoJHrCF1voFYKZXAzk9e4GM6g6OEMzWXqJcHujGDGABVO/gE0v4b
slvj9I1RSWpUERZdn4/fcUA7p+or2/F7E6QwmDnbzWmZkitufgElpPAAZiFqJbHM
LZI/BEl6ftZ1hRq1rKPq/Vi5dYpmk6KPGrAvaz1uSkAZv0gFpvowWK95euozv2Vh
rHLVMmPT7oQmtR/HgN62RVFTQ/t4HHMJpWOiuV5/93cfKLpX9sCZbMnOx4ET1JGp
ukB2Khrz3YsP7WtH23YlWGbdqTH92Hfd0ov7B2HyNyX/n7GRbmgTYsMk6VlMFBpI
1cqS0I9odHMng8rcFGDqaoHp2dUzAaOExzBgm+dqNmsodlLS5bS+ZXhjPFEOYU3g
5hfFtFQ1HyODY9LJSwHA
=UYFm
-----END PGP SIGNATURE-----


Reply to: