Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Ubuntu 16.04 LTS USN-3295-1 Critical: JasPer Denial of Service Risk

Calendar May 18, 2017 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service code execution ubuntu update instruction jasper
Several security issues were fixed in JasPer. 
=========================================================================Ubuntu Security Notice USN-3295-1
May 18, 2017

jasper vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in JasPer.

Software Description:
- jasper: Library for manipulating JPEG-2000 files

Details:

It was discovered that JasPer incorrectly handled certain malformed
JPEG-2000 image files. If a user or automated system using JasPer were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service or possibly execute code with the
privileges of the user invoking the program.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libjasper1                      1.900.1-debian1-2.4ubuntu1.1

Ubuntu 14.04 LTS:
  libjasper1                      1.900.1-14ubuntu3.4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3295-1
  CVE-2016-10249, CVE-2016-10251, CVE-2016-1867, CVE-2016-2089,
  CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693,
  CVE-2016-8882, CVE-2016-9560, CVE-2016-9591

Package Information:
  https://launchpad.net/ubuntu/+source/jasper/1.900.1-debian1-2.4ubuntu1.1
  https://launchpad.net/ubuntu/+source/jasper/1.900.1-14ubuntu3.4

Ubuntu 16.04 LTS USN-3295-1 Critical: JasPer Denial of Service Risk

ubuntu
Calendar Grey May 18, 2017
Dist Ubuntu Esm H88
Upgrade your Ubuntu installations to resolve various JasPer vulnerabilities that could lead to possible code execution on impacted versions.
Several security issues were fixed in JasPer.

Summary

Topics%20covered

Topics Covered

security advisory denial of service code execution ubuntu update instruction jasper

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libjasper1 1.900.1-debian1-2.4ubuntu1.1 Ubuntu 14.04 LTS: libjasper1 1.900.1-14ubuntu3.4 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3295-1

CVE-2016-10249, CVE-2016-10251, CVE-2016-1867, CVE-2016-2089,

CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693,

CVE-2016-8882, CVE-2016-9560, CVE-2016-9591

Severity
critical
Lowest
Low
Medium
High
Critical

May 18, 2017

Topics%20covered

Topics Covered

security advisory denial of service code execution ubuntu update instruction jasper

Package Information

https://launchpad.net/ubuntu/+source/jasper/1.900.1-debian1-2.4ubuntu1.1 https://launchpad.net/ubuntu/+source/jasper/1.900.1-14ubuntu3.4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here