Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 88 articles for you...
100

SUSE: 2024:1464-1 Critical Jasper Denial Of Service Vulnerability Update

* bsc#1223155 Cross-References: * CVE-2024-31744 . # Security update for jasper Announcement ID: SUSE-SU-2024:1464-1 Rating: important References: * bsc#1223155 Cross-References: * CVE-2024-31744 CVSS scores: * CVE-2024-31744 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2024-31744: Fixed denial of service through assertion failure in jpc_streamlist_remove() (bsc#1223155). ## Patch Instructions: Toinstall this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1464=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1464=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1464=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1464=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1464=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1464=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1464=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1464=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1464=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1464=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1464=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1464=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1464=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1464=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1464=1 * SUSEManager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1464=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1464=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1464=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * jasper-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * openSUSE Leap 15.5 (x86_64) * libjasper4-32bit-2.0.14-150000.3.34.1 * libjasper4-32bit-debuginfo-2.0.14-150000.3.34.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libjasper-devel-2.0.14-150000.3.34.1 *jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Manager Proxy 4.3 (x86_64) * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libjasper-devel-2.0.14-150000.3.34.1 * jasper-debugsource-2.0.14-150000.3.34.1 * libjasper4-2.0.14-150000.3.34.1 * libjasper4-debuginfo-2.0.14-150000.3.34.1 * jasper-debuginfo-2.0.14-150000.3.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31744.html * https://bugzilla.suse.com/show_bug.cgi?id=1223155 . Explore the SUSE Security Advisory concerning jasper, which tackles a significant denial of service vulnerability and the steps taken for its remediation.. SUSE Security, Jasper Update, Denial Of Service, Software Security Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Aug 19, 2024 Important SuSE
100

SUSE: 2024:1396-1 Important: Jasper Denial of Service Fix

* bsc#1223155 Cross-References: * CVE-2024-31744 . # Security update for jasper Announcement ID: SUSE-SU-2024:1396-1 Rating: important References: * bsc#1223155 Cross-References: * CVE-2024-31744 CVSS scores: * CVE-2024-31744 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2024-31744: Fixed denial of service through assertion failure in jpc_streamlist_remove() (bsc#1223155). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1396=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libjasper-devel-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) *libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31744.html * https://bugzilla.suse.com/show_bug.cgi?id=1223155 . Critical security alert regarding SUSE Linux update addressing denial of service issues in jasper package, along with recommendations for implementation.. SUSE Linux,running jasper,security fixes,denial of service,important patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 23, 2024 Important SuSE
100

SUSE 12 SP5: Update 2024:0240-1 moderate: jasper out of bounds write

* bsc#1218802 Cross-References: * CVE-2023-51257 . # Security update for jasper Announcement ID: SUSE-SU-2024:0240-1 Rating: moderate References: * bsc#1218802 Cross-References: * CVE-2023-51257 CVSS scores: * CVE-2023-51257 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-51257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2023-51257: Fixed an out of bounds write in the JPC encoder (bsc#1218802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-240=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-240=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-240=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-240=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libjasper1-debuginfo-1.900.14-195.37.1 * libjasper1-1.900.14-195.37.1 * jasper-debuginfo-1.900.14-195.37.1 * jasper-debugsource-1.900.14-195.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libjasper1-debuginfo-32bit-1.900.14-195.37.1 * libjasper1-32bit-1.900.14-195.37.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) *libjasper1-debuginfo-1.900.14-195.37.1 * libjasper1-1.900.14-195.37.1 * jasper-debuginfo-1.900.14-195.37.1 * jasper-debugsource-1.900.14-195.37.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libjasper1-debuginfo-32bit-1.900.14-195.37.1 * libjasper1-32bit-1.900.14-195.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libjasper1-debuginfo-1.900.14-195.37.1 * libjasper1-1.900.14-195.37.1 * jasper-debuginfo-1.900.14-195.37.1 * jasper-debugsource-1.900.14-195.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libjasper1-debuginfo-32bit-1.900.14-195.37.1 * libjasper1-32bit-1.900.14-195.37.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libjasper-devel-1.900.14-195.37.1 * jasper-debuginfo-1.900.14-195.37.1 * jasper-debugsource-1.900.14-195.37.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51257.html * https://bugzilla.suse.com/show_bug.cgi?id=1218802 . This patch resolves a critical vulnerability in the Timber framework, impacting various versions of Debian. Ensure to implement updates for safety.. SUSE Security Update,Jasper CVE-2023-51257,SUSE Linux Enterprise,Linux Patch Management. . LinuxSecurity.com Team

Calendar%202 Jan 26, 2024 SuSE
100

OpenSUSE 15.5: 2024:0241-1 moderate: jasper out of bounds write

* bsc#1218802 Cross-References: * CVE-2023-51257 . # Security update for jasper Announcement ID: SUSE-SU-2024:0241-1 Rating: moderate References: * bsc#1218802 Cross-References: * CVE-2023-51257 CVSS scores: * CVE-2023-51257 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-51257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2023-51257: Fixed an out of bounds write in the JPC encoder (bsc#1218802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-241=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-241=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-241=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * jasper-2.0.14-150000.3.31.1 * libjasper4-2.0.14-150000.3.31.1 * jasper-debugsource-2.0.14-150000.3.31.1 * libjasper-devel-2.0.14-150000.3.31.1 * libjasper4-debuginfo-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 * openSUSE Leap 15.5 (x86_64) * libjasper4-32bit-2.0.14-150000.3.31.1 * libjasper4-32bit-debuginfo-2.0.14-150000.3.31.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.31.1 *libjasper4-debuginfo-2.0.14-150000.3.31.1 * libjasper4-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.31.1 * libjasper-devel-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51257.html * https://bugzilla.suse.com/show_bug.cgi?id=1218802 . A new update for Jasper addresses a moderate severity vulnerability linked to an out of bounds write in SUSE.. openSUSE Jasper Update, Out Of Bounds Write, SUSE Security Patch. . LinuxSecurity.com Team

Calendar%202 Jan 26, 2024 SuSE
202

openSUSE Leap 15.5: SUSE-SU-2024:0241-1 Moderate Jasper Out Of Bounds Fix

This update for jasper fixes the following issues: CVE-2023-51257: Fixed an out of bounds write in the JPC encoder (bsc#1218802).. # Security update for jasper Announcement ID: SUSE-SU-2024:0241-1 Rating: moderate References: * bsc#1218802 Cross-References: * CVE-2023-51257 CVSS scores: * CVE-2023-51257 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-51257 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2023-51257: Fixed an out of bounds write in the JPC encoder (bsc#1218802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-241=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-241=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-241=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * jasper-2.0.14-150000.3.31.1 * libjasper4-2.0.14-150000.3.31.1 * jasper-debugsource-2.0.14-150000.3.31.1 * libjasper-devel-2.0.14-150000.3.31.1 * libjasper4-debuginfo-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 * openSUSE Leap 15.5 (x86_64) * libjasper4-32bit-2.0.14-150000.3.31.1 * libjasper4-32bit-debuginfo-2.0.14-150000.3.31.1 * Basesystem Module 15-SP5(aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.31.1 * libjasper4-debuginfo-2.0.14-150000.3.31.1 * libjasper4-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * jasper-debugsource-2.0.14-150000.3.31.1 * libjasper-devel-2.0.14-150000.3.31.1 * jasper-debuginfo-2.0.14-150000.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51257.html * https://bugzilla.suse.com/show_bug.cgi?id=1218802 . Important security enhancement for jasper related to CVE-2023-52345. Update the software using zypper or YaST.. openSUSE Patch, Jasper Fix, SUSE Update. . LinuxSecurity.com Team

Calendar%202 Jan 26, 2024 OpenSUSE
203

Mageia 8: MGASA-2023-0091 Moderate: Jasper Memory Leak Crash Risk

Memory leak in function cmdopts_parse that can cause a crash or segmentation fault. (CVE-2022-2963) References: - https://bugs.mageia.org/show_bug.cgi?id=30847 . MGASA-2023-0091 - Updated jasper packages fix security vulnerability Publication date: 18 Mar 2023 URL: https://advisories.mageia.org/MGASA-2023-0091.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-2963 Memory leak in function cmdopts_parse that can cause a crash or segmentation fault. (CVE-2022-2963) References: - https://bugs.mageia.org/show_bug.cgi?id=30847 - https://www.cve.org/CVERecord?id=CVE-2022-2963 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/DLYNZDATEV2SVZGDDZDHN7AVYKTNQLDA/ - - https://www.cve.org/CVERecord?id=CVE-2022-2963 SRPMS: - 8/core/jasper-2.0.27-1.1.mga8 . MGASA-2023-0092 resolves gtk memory leak issues to enhance stability. Keep up with recent security patches for Mageia.. jasper Security Update,Mageia 2023-0091,memory leak fix,application crash mitigation. . LinuxSecurity.com Team

Calendar%202 Mar 18, 2023 Mageia
100

SUSE: 2022:3672-1 Moderate: Memory Leak Vulnerability in Jasper

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for jasper ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3672-1 Rating: moderate References: #1202642 Cross-References: CVE-2022-2963 CVSS scores: CVE-2022-2963 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-2963 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for jasper fixes the following issues: - CVE-2022-2963: Fixed memory leaks in function cmdopts_parse (bsc#1202642). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3672=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3672=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): jasper-debuginfo-1.900.14-195.34.1 jasper-debugsource-1.900.14-195.34.1 libjasper-devel-1.900.14-195.34.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): jasper-debuginfo-1.900.14-195.34.1 jasper-debugsource-1.900.14-195.34.1 libjasper1-1.900.14-195.34.1 libjasper1-debuginfo-1.900.14-195.34.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libjasper1-32bit-1.900.14-195.34.1 libjasper1-debuginfo-32bit-1.900.14-195.34.1 References: https://www.suse.com/security/cve/CVE-2022-2963.html https://bugzilla.suse.com/1202642 . SUSE has rolled out a security update for jasper, addressing moderate vulnerabilities. Check the advisory for guidance on installation procedures.. SUSE Security Update,Jasper Fixes,Moderate Threat. . LinuxSecurity.com Team

Calendar%202 Oct 20, 2022 SuSE
100

SUSE: 2022:1475-1 Moderate: jasper DoS And NULL Pointer Issues

An update that fixes four vulnerabilities is now available. . SUSE Security Update: Security update for jasper ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1475-1 Rating: moderate References: #1182104 #1182105 #1184757 #1184798 Cross-References: CVE-2021-26926 CVE-2021-26927 CVE-2021-3443 CVE-2021-3467 CVSS scores: CVE-2021-26926 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVE-2021-26926 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2021-26927 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-26927 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-3443 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3443 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3467 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3467 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for jasper fixes the following issues: - CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757). - CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798). - CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104). - CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1475=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1475=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): jasper-debuginfo-1.900.14-195.31.1 jasper-debugsource-1.900.14-195.31.1 libjasper-devel-1.900.14-195.31.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): jasper-debuginfo-1.900.14-195.31.1 jasper-debugsource-1.900.14-195.31.1 libjasper1-1.900.14-195.31.1 libjasper1-debuginfo-1.900.14-195.31.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libjasper1-32bit-1.900.14-195.31.1 libjasper1-debuginfo-32bit-1.900.14-195.31.1 References: https://www.suse.com/security/cve/CVE-2021-26926.html https://www.suse.com/security/cve/CVE-2021-26927.html https://www.suse.com/security/cve/CVE-2021-3443.html https://www.suse.com/security/cve/CVE-2021-3467.html https://bugzilla.suse.com/1182104 https://bugzilla.suse.com/1182105 https://bugzilla.suse.com/1184757 https://bugzilla.suse.com/1184798 . SUSE Security Update for libxml2 resolves five issues of moderate severity impacting numerous SUSE applications.. SUSE patch, jasper security, SUSE vulnerabilities, security update, Linux patch. . LinuxSecurity.com Team

Calendar%202 Apr 29, 2022 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200