FEDORA-2016-e0f0d48142 created by jridky 3 years ago for Fedora 24
stable

This update contains security fix for CVE-2016-8883, CVE-2016-8882, CVE-2016-8881, CVE-2016-8880, CVE-2016-8884, CVE-2016-8885, CVE-2016-8887, CVE-2016-8886.


New version of jasper is available (jasper-1.900.13). Security fix for CVE-2016-8690, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693.


New version of jasper is available (1.900.3)


Security fix for CVE-2016-2089


New version of jasper is available.

How to install

sudo dnf upgrade --advisory=FEDORA-2016-e0f0d48142

This update has been submitted for testing by jridky.

3 years ago

This update has obsoleted jasper-1.900.3-1.fc24, and has inherited its bugs and notes.

3 years ago

This update has been pushed to testing.

3 years ago
User Icon cserpentis commented & provided feedback 3 years ago
karma

works for me

User Icon filiperosset commented & provided feedback 3 years ago
karma

no regressions noted

jridky edited this update.

3 years ago

jridky edited this update.

3 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by jridky.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
5
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1302636 CVE-2016-2089 jasper: matrix rows_ NULL pointer dereference in jas_matrix_clip()
0
0
BZ#1302639 CVE-2016-2089 jasper: invalid read in the JasPer's jas_matrix_clip() function [fedora-all]
0
0
BZ#1382188 jasper-1.900.2 is available
0
0
BZ#1384266 jasper-1.900.3 is available
0
0
BZ#1385499 CVE-2016-8690 jasper: Null pointer dereference in bmp_getdata triggered by crafted BMP image
0
0
BZ#1385502 CVE-2016-8691 jasper: Divide by zero in jpc_dec_process_siz
0
0
BZ#1385503 CVE-2016-8692 jasper: Divide by zero in jpc_dec_process_siz
0
0
BZ#1385507 CVE-2016-8693 jasper: Double free vulnerability in mem_close
0
0
BZ#1385516 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 jasper: various flaws [fedora-all]
0
0
BZ#1385637 jasper-1.900.13 is available
0
0
BZ#1388828 CVE-2016-8887 jasper: Null pointer dereference in jp2_colr_destroy
0
0
BZ#1388829 jasper: Null pointer dereference in jp2_colr_destroy (incomplete fix for CVE-2016-8887)
0
0
BZ#1388831 CVE-2016-8884 CVE-2016-8885 jasper: Null pointer dereference in bmp_getdata (incomplete fix for CVE-2016-8690)
0
0
BZ#1388840 jasper: Heap-based buffer overflow in jpc_dec_tiledecode
0
0
BZ#1388863 CVE-2016-8880 jasper: Heap buffer overflow in jpc_dec_cp_setfromcox()
0
0
BZ#1388864 CVE-2016-8881 jasper: Heap buffer overflow in jpc_getuint16()
0
0
BZ#1388866 CVE-2016-8882 jasper: Null pointer access in jpc_pi_destroy
0
0
BZ#1388870 CVE-2016-8883 jasper: Assert in jpc_dec_tiledecode()
0
0
BZ#1388873 CVE-2016-8880 CVE-2016-8881 CVE-2016-8882 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-8887 jasper: various flaws [fedora-all]
0
0
BZ#1388880 CVE-2016-8886 jasper: memory allocation failure in jas_malloc
0
0

Automated Test Results