jasper 1.900.1-3ubuntu0.8.04.1 source package in Ubuntu
Changelog
jasper (1.900.1-3ubuntu0.8.04.1) hardy-security; urgency=low
* SECURITY UPDATE: integer overflows via integer multiplication for
memory allocation
- src/libjasper/include/jasper/jas_malloc.h,
src/libjasper/base/jas_malloc.c:
* introduce new size-checked allocation functions
- src/libjasper/base/jas_*.c,
src/libjasper/bmp/bmp_dec.c,
src/libjasper/jp2/jp2_*.c,
src/libjasper/jpc/jpc_*.c,
src/libjasper/mif/mif_cod.c:
* use new size-checked allocation functions
- CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
- src/libjasper/base/jas_stream.c: use mkstemp()
- CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
- src/libjasper/base/jas_stream.c: use vsnprintf()
- CVE-2008-3522
-- Marc Deslauriers <email address hidden> Wed, 18 Mar 2009 11:54:49 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Hardy
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- graphics
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| jasper_1.900.1.orig.tar.gz | 1.1 MiB | 6cf104e2811f6088ca1dc76d87dd27c55178d3ccced20db8858d28ae22911a94 |
| jasper_1.900.1-3ubuntu0.8.04.1.diff.gz | 48.6 KiB | 903ad5e7e208411f80cfbed78a1d83eee80639fb68317e919c8c05e81d4fd796 |
| jasper_1.900.1-3ubuntu0.8.04.1.dsc | 787 bytes | b1bfe210f69badb212ba4cb08db3ad0e7d190b1c8e694c4c5fa186bce11da50f |
Available diffs
Binary packages built by this source
- libjasper-dev: No summary available for libjasper-dev in ubuntu hardy.
No description available for libjasper-dev in ubuntu hardy.
- libjasper-runtime: No summary available for libjasper-runtime in ubuntu hardy.
No description available for libjasper-runtime in ubuntu hardy.
- libjasper1: No summary available for libjasper1 in ubuntu hardy.
No description available for libjasper1 in ubuntu hardy.
