Branches for Hardy

Name Status Last Modified Last Commit
lp://staging/ubuntu/hardy/jasper 1 Development 2009-06-27 03:54:59 UTC
4. Fixed segfaults on broken images (Clo...

Author: Roland Stigge
Revision Date: 2007-04-10 10:05:10 UTC

Fixed segfaults on broken images (Closes: #413041)

lp://staging/ubuntu/hardy-security/jasper 1 Development 2009-06-27 03:55:05 UTC
5. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2009-03-18 11:54:49 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - src/libjasper/include/jasper/jas_malloc.h,
    src/libjasper/base/jas_malloc.c:
    * introduce new size-checked allocation functions
  - src/libjasper/base/jas_*.c,
    src/libjasper/bmp/bmp_dec.c,
    src/libjasper/jp2/jp2_*.c,
    src/libjasper/jpc/jpc_*.c,
    src/libjasper/mif/mif_cod.c:
    * use new size-checked allocation functions
  - CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
  - src/libjasper/base/jas_stream.c: use mkstemp()
  - CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - src/libjasper/base/jas_stream.c: use vsnprintf()
  - CVE-2008-3522

lp://staging/ubuntu/hardy-updates/jasper 1 Development 2009-06-27 03:55:13 UTC
5. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2009-03-18 11:54:49 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - src/libjasper/include/jasper/jas_malloc.h,
    src/libjasper/base/jas_malloc.c:
    * introduce new size-checked allocation functions
  - src/libjasper/base/jas_*.c,
    src/libjasper/bmp/bmp_dec.c,
    src/libjasper/jp2/jp2_*.c,
    src/libjasper/jpc/jpc_*.c,
    src/libjasper/mif/mif_cod.c:
    * use new size-checked allocation functions
  - CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
  - src/libjasper/base/jas_stream.c: use mkstemp()
  - CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - src/libjasper/base/jas_stream.c: use vsnprintf()
  - CVE-2008-3522

13 of 3 results