Mageia: 2019-0167 Moderate Update for Jasper DoS Vulnerability Fix
mageia
May 12, 2019
Updated jasper packages fix security vulnerabilities: The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (asse...
Summary
Updated jasper packages fix security vulnerabilities:
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17
allows remote attackers to cause a denial of service (assertion failure)
via unspecified vectors (CVE-2016-9398).
A denial of service in jp2_decode (CVE-2018-19542).
A denial of service in jas_image_readcmpt (CVE-2018-19539).
References
- https://bugs.mageia.org/show_bug.cgi?id=24760
- - https://www.cve.org/CVERecord?id=CVE-2016-9398
- https://www.cve.org/CVERecord?id=CVE-2018-19542
- https://www.cve.org/CVERecord?id=CVE-2018-19539
Topics Covered
Resolution
SRPMS
- 6/core/jasper-1.900.23-5.2.mga6
PREVIOUS
NEXT
Publication date: 12 May 2019
URL: https://advisories.mageia.org/MGASA-2019-0167.html
Type: security
CVE: CVE-2016-9398,
CVE-2018-19542,
CVE-2018-19539
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!