Ubuntu
jasper package

Branches for Utopic

Name Status Last Modified Last Commit
lp://staging/ubuntu/utopic/jasper 2 Mature 2014-05-18 19:46:12 UTC
20. debian/rules: Changed from dh $@ --wi...

Author: Roland Stigge
Revision Date: 2014-05-18 19:46:12 UTC

debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
to fix build issue on new architectures (Closes: #747507)
lp://staging/ubuntu/utopic-security/jasper 2 Mature 2015-01-22 12:49:54 UTC
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-01-22 12:49:54 UTC

* SECURITY UPDATE: denial of service via crafted ICC color profile
  - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
    src/libjasper/base/jas_icc.c, remove assert in
    src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8137
* SECURITY UPDATE: denial of service or code execution via invalid
  channel number
  - debian/patches/06-CVE-2014-8138.patch: validate channel number in
    src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8138
* SECURITY UPDATE: denial of service or code execution via off-by-one
  - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
    src/libjasper/jpc/jpc_dec.c.
  - CVE-2014-8157
* SECURITY UPDATE: denial of service or code execution via memory
  corruption
  - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
    sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
  - CVE-2014-8158
lp://staging/ubuntu/utopic-updates/jasper 2 Mature 2015-01-22 12:49:54 UTC
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-01-22 12:49:54 UTC

* SECURITY UPDATE: denial of service via crafted ICC color profile
  - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
    src/libjasper/base/jas_icc.c, remove assert in
    src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8137
* SECURITY UPDATE: denial of service or code execution via invalid
  channel number
  - debian/patches/06-CVE-2014-8138.patch: validate channel number in
    src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8138
* SECURITY UPDATE: denial of service or code execution via off-by-one
  - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
    src/libjasper/jpc/jpc_dec.c.
  - CVE-2014-8157
* SECURITY UPDATE: denial of service or code execution via memory
  corruption
  - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
    sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
  - CVE-2014-8158
lp://staging/ubuntu/utopic-proposed/jasper 1 Development 2014-06-17 06:43:28 UTC
16. debian/rules: Changed from dh $@ --wi...

Author: Roland Stigge
Revision Date: 2014-05-18 19:46:12 UTC

debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
to fix build issue on new architectures (Closes: #747507)
14 of 4 results FirstPreviousNextLast