
SUSE: 2020:2690-1 Low Severity: jasper Denial of Service and Memory Leak

suse
September 21, 2020
An update that fixes 17 vulnerabilities is now available

Summary

This update for jasper fixes the following issues:

- CVE-2016-9398: Improved patch for already fixed issue (bsc#1010979).
- CVE-2016-9399: Fix assert in calcstepsizes (bsc#1010980).
- CVE-2016-9397: Fix assert in jpc_dequantize (bsc#1010786).
- CVE-2016-9557: Fix signed integer overflow (bsc#1011829).
- CVE-2017-5499: Validate component depth bit (bsc#1020451).
- CVE-2017-5503: Check bounds in jas_seq2d_bindsub() (bsc#1020456).
- CVE-2017-5504: Check bounds in jas_seq2d_bindsub() (bsc#1020458).
- CVE-2017-5505: Check bounds in jas_seq2d_bindsub() (bsc#1020460).
- CVE-2017-14132: Fix heap-based overflow by checking components (bsc#1057152).
- CVE-2018-9154: Fixed a potential denial of service in jpc_dec_process_sot() (bsc#1092115).

References

#1010786 #1010979 #1010980 #1011829 #1020451
#1020456 #1020458 #1020460 #1045450 #1057152
#1088278 #1092115 #1114498 #1115637 #1117328
#1120805 #1120807

Cross-References: CVE-2016-9397 CVE-2016-9398 CVE-2016-9399
CVE-2016-9557 CVE-2017-14132 CVE-2017-5499
CVE-2017-5503 CVE-2017-5504 CVE-2017-5505
CVE-2017-9782 CVE-2018-18873 CVE-2018-19139
CVE-2018-19543 CVE-2018-20570 CVE-2018-20622
CVE-2018-9154 CVE-2018-9252

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2016-9397.html

https://www.suse.com/security/cve/CVE-2016-9398.html

https://www.suse.com/security/cve/CVE-2016-9399.html

https://www.suse.com/security/cve/CVE-2016-9557.html

Severity
low

Announcement ID: SUSE-SU-2020:2690-1
Rating: low
