File _patchinfo of Package patchinfo.5173
<patchinfo incident="5173"> <issue id="1010766" tracker="bnc">VUL-0: CVE-2016-9393: jasper: jpc_t2cod.c:297: int jpc_pi_nextrpcl(jpc_pi_t *): Assertion `pi->prcno pirlvl->numprcs' failed.</issue> <issue id="1047958" tracker="bnc">VUL-1: CVE-2017-1000050: jasper: CVE ID for JasPer 2.0.12 NULL Pointer Dereference jp2_encode (jp2_enc.c)</issue> <issue id="1010757" tracker="bnc">VUL-0: CVE-2016-9392: jasper: pc_dec.c:1637: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) - (numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.</issue> <issue id="1010756" tracker="bnc">VUL-1: CVE-2016-9394: jasper: assertion in jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend'</issue> <issue id="1010774" tracker="bnc">VUL-0: CVE-2016-9390: jasper: jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed.</issue> <issue id="1009994" tracker="bnc">VUL-0: CVE-2016-9262: jasper: Multiple overflow vulnerabilities leading to use after free</issue> <issue id="1010968" tracker="bnc">VUL-0: CVE-2016-9389: jasper: Assertion `((c1)->numcols_) == numcols && ((c2)->numcols_) == numcols' failed.</issue> <issue id="1010782" tracker="bnc">VUL-0: CVE-2016-9391: jasper: jpc_bs.c:197: long jpc_bitstream_getbits(jpc_bitstream_t *, int): Assertion `n >= 0 && n < 32' failed.</issue> <issue id="1010975" tracker="bnc">VUL-0: CVE-2016-9388: jasper: ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *):Assertion `numcolors <= ...</issue> <issue id="2017-1000050" tracker="cve" /> <issue id="2016-9262" tracker="cve" /> <issue id="2016-9388" tracker="cve" /> <issue id="2016-9389" tracker="cve" /> <issue id="2016-9390" tracker="cve" /> <issue id="2016-9391" tracker="cve" /> <issue id="2016-9392" tracker="cve" /> <issue id="2016-9393" tracker="cve" /> <issue id="2016-9394" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>fstrba</packager> <description>This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. (bsc#1009994) - CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010975) - CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a denial of service (assertion failure). (bsc#1010968) - CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010774) - CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a denial of service (assertion failure) via a very large integer. (bsc#1010782) - CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial of service. (bsc#1047958) CVEs already fixed with previous update: - CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010757) - CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010766) - CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010756) </description> <summary>Security update for jasper</summary> </patchinfo>
