Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

Mageia 7: 2019-0381 Moderate: Jasper Heap Overflow and Overread

mageia
Calendar Grey December 13, 2019
Dist Mageia Esm H88
Recent updates to jasper packages address critical security vulnerabilities such as heap overflows and overreads for users on Mageia 7.
Heap based overflow in jas_icctxtdesc_input (CVE-2018-19540)

Summary

Heap based overflow in jas_icctxtdesc_input (CVE-2018-19540).
Heap based overread in jas_image_depalettize (CVE-2018-19541).

References

- https://bugs.mageia.org/show_bug.cgi?id=25800

- - https://www.cve.org/CVERecord?id=CVE-2018-19540

- https://www.cve.org/CVERecord?id=CVE-2018-19541

Resolution

SRPMS

- 7/core/jasper-2.0.14-4.1.mga7

Publication date: 13 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0381.html
Type: security
CVE: CVE-2018-19540, CVE-2018-19541

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.