Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • aports aports
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 749
    • Issues 749
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 332
    • Merge requests 332
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • alpine
  • aportsaports
  • Issues
  • #6876
Closed
Open
Created Feb 16, 2017 by Alicha CH@alichaReporter

[3.6] jasper: Multiple vulnerabilities (CVE-2016-1867, CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8882, CVE-2016-8883, CVE-2016-9560)

CVE-2016-1867 : out-of-bounds read in jpc_pi_nextcprl()

Fixed In Version: jasper 1.900.2

References:

http://seclists.org/oss-sec/2016/q1/84

Patch:

https://github.com/mdadams/jasper/commit/980da43d8d388a67cac505e734423b2a5aa4cede

CVE-2016-8654 : Heap-based buffer overflow in QMFB code in JPC codec

Fixed In Version: jasper 2.0.0

References:

https://github.com/mdadams/jasper/issues/93
https://github.com/mdadams/jasper/issues/94

Patch:

https://github.com/mdadams/jasper/commit/4a59cfaf9ab3d48fca4a15c0d2674bf7138e3d1a

CVE-2016-8691, CVE-2016-8692: missing SIZ marker segment XRsiz and YRsiz fields range check

Fixed In Version: jasper 1.900.4

Reference:

http://www.openwall.com/lists/oss-security/2016/10/16/14

Patch:

https://github.com/mdadams/jasper/commit/d8c2604cd438c41ec72aff52c16ebd8183068020

CVE-2016-8693:Double free vulnerability in the mem_close function in jas_stream.c in …

Fixed version: 1.900.10

Reference:

http://www.openwall.com/lists/oss-security/2016/10/16/14

Patch:

https://github.com/mdadams/jasper/commit/44a524e367597af58d6265ae2014468b334d0309

CVE-2016-8882: Null pointer access in jpc_pi_destroy

Fixed In Version: jasper 1.900.8

Reference:

http://seclists.org/oss-sec/2016/q4/216

Patch:

https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee

CVE-2016-8883: reachable asserts in jpc_dec_tiledecode()

Fixed In Version: jasper 1.900.8

Reference:

http://seclists.org/oss-sec/2016/q4/216

Patch:

https://github.com/mdadams/jasper/commit/33cc2cfa51a8d0fc3116d16cc1d8fc581b3f9e8d

CVE-2016-9560: Stack-based buffer overflow in jpc_tsfb.c

Fixed in Version: jasper 1.900.30

Reference:

http://www.openwall.com/lists/oss-security/2016/11/20/1

Patch:

https://github.com/mdadams/jasper/commit/1abc2e5a401a4bf1d5ca4df91358ce5df111f495

(from redmine: issue id 6876, created on 2017-02-16, closed on 2019-05-03)

  • Relations:
    • parent #6875
  • Changesets:
    • Revision 5cb610fc by Natanael Copa on 2017-02-28T13:56:40Z:
main/jasper: upgrade to 2.0.10

fixes #6876
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking