Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2019:2513-1 Moderate: Jasper Denial of Service Fix

suse
Calendar Grey October 2, 2019
Dist Suse Esm H88
SUSE has released a security patch for jasper that mitigates moderate risks impacting various software offerings.
An update that fixes 5 vulnerabilities is now available

Summary

This update for jasper fixes the following issues: Security issues fixed: - CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input (bsc#1117508). - CVE-2018-19541: Fix heap based overread in jas_image_depalettize (bsc#1117507). - CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505). - CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511). - CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-2513=1

Topics%20covered

Topics Covered

security advisory moderate denial of service software update heap overflow SUSE jasper

References

#1010783 #1117505 #1117507 #1117508 #1117511

Cross- CVE-2016-9396 CVE-2018-19539 CVE-2018-19540

CVE-2018-19541 CVE-2018-19542

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2016-9396.html

https://www.suse.com/security/cve/CVE-2018-19539.html

https://www.suse.com/security/cve/CVE-2018-19540.html

https://www.suse.com/security/cve/CVE-2018-19541.html

https://www.suse.com/security/cve/CVE-2018-19542.html

https://bugzilla.suse.com/1010783

https://bugzilla.suse.com/1117505

https://bugzilla.suse.com/1117507

https://bugzilla.suse.com/1117508

https://bugzilla.suse.com/1117511

Announcement ID: SUSE-SU-2019:2513-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service software update heap overflow SUSE jasper

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here