Information on source package jasper

Available versions

ReleaseVersion
jessie1.900.1-debian1-2.4+deb8u3
jessie (security)1.900.1-debian1-2.4+deb8u6

Open issues

BugjessieDescription
CVE-2018-19543vulnerable (no DSA, postponed)An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...
CVE-2018-19139vulnerable (no DSA, postponed)An issue has been found in JasPer 2.0.14. There is a memory leak in ja ...
CVE-2017-9782vulnerable (no DSA)JasPer 2.0.12 allows remote attackers to cause a denial of service (he ...
CVE-2017-6852vulnerable (no DSA)Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2 ...
CVE-2017-14229vulnerable (no DSA, ignored)There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_ ...
CVE-2016-9557vulnerable (no DSA)Integer overflow in jas_image.c in JasPer before 1.900.25 allows remot ...
CVE-2016-8886vulnerable (no DSA)The jas_malloc function in libjasper/base/jas_malloc.c in JasPer befor ...

Open unimportant issues

BugjessieDescription
CVE-2018-9252vulnerableJasPer 2.0.14 allows denial of service via a reachable assertion in th ...
CVE-2018-9154vulnerableThere is a reachable abort in the function jpc_dec_process_sot in libj ...
CVE-2018-9055vulnerableJasPer 2.0.14 allows denial of service via a reachable assertion in th ...
CVE-2017-6851vulnerableThe jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows r ...
CVE-2017-6850vulnerableThe jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 all ...
CVE-2017-5505vulnerableThe jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows rem ...
CVE-2017-5504vulnerableThe jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.2 ...
CVE-2017-5502vulnerablelibjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to ...
CVE-2017-5501vulnerableInteger overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows ...
CVE-2017-5500vulnerablelibjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to ...
CVE-2017-5499vulnerableInteger overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows ...
CVE-2017-5498vulnerablelibjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote a ...
CVE-2017-13752vulnerableThere is a reachable assertion abort in the function jpc_dequantize() ...
CVE-2017-13751vulnerableThere is a reachable assertion abort in the function calcstepsizes() i ...
CVE-2017-13750vulnerableThere is a reachable assertion abort in the function jpc_dec_process_s ...
CVE-2017-13749vulnerableThere is a reachable assertion abort in the function jpc_pi_nextrpcl() ...
CVE-2017-13747vulnerableThere is a reachable assertion abort in the function jpc_floorlog2() i ...
CVE-2017-13746vulnerableThere is a reachable assertion abort in the function jpc_dec_process_s ...
CVE-2017-13745vulnerableThere is a reachable assertion abort in the function jpc_dec_process_s ...
CVE-2017-1000050vulnerableJasPer 2.0.12 is vulnerable to a NULL pointer exception in the functio ...
CVE-2016-9600vulnerableJasPer before version 2.0.10 is vulnerable to a null pointer dereferen ...
CVE-2016-9583vulnerableAn out-of-bounds heap read vulnerability was found in the jpc_pi_nextp ...
CVE-2016-9399vulnerableThe calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remo ...
CVE-2016-9398vulnerableThe jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 all ...
CVE-2016-9397vulnerableThe jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows rem ...
CVE-2016-9396vulnerableThe JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0. ...
CVE-2016-9395vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 a ...
CVE-2016-9394vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 a ...
CVE-2016-9393vulnerableThe jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 ...
CVE-2016-9392vulnerableThe calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allo ...
CVE-2016-9391vulnerableThe jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 ...
CVE-2016-9390vulnerableThe jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 a ...
CVE-2016-9389vulnerableThe jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.90 ...
CVE-2016-9388vulnerableThe ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows ...
CVE-2016-9387vulnerableInteger overflow in the jpc_dec_process_siz function in libjasper/jpc/ ...
CVE-2016-8887vulnerableThe jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer bef ...
CVE-2016-8883vulnerableThe jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 ...
CVE-2016-10248vulnerableThe jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900. ...

Resolved issues

BugDescription
CVE-2018-20622JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a wh ...
CVE-2018-20584JasPer 2.0.14 allows remote attackers to cause a denial of service (ap ...
CVE-2018-20570jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer o ...
CVE-2018-19542An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...
CVE-2018-19541An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...
CVE-2018-19540An issue was discovered in JasPer 2.0.14. There is a heap-based buffer ...
CVE-2018-19539An issue was discovered in JasPer 2.0.14. There is an access violation ...
CVE-2018-18873An issue was discovered in JasPer 2.0.14. There is a NULL pointer dere ...
CVE-2017-5503The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900. ...
CVE-2017-14132JasPer 2.0.13 allows remote attackers to cause a denial of service (he ...
CVE-2017-13748There are lots of memory leaks in JasPer 2.0.12, triggered in the func ...
CVE-2016-9591JasPer before version 2.0.12 is vulnerable to a use-after-free in the ...
CVE-2016-9560Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_ ...
CVE-2016-9262Multiple integer overflows in the (1) jas_realloc function in base/jas ...
CVE-2016-8885The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1 ...
CVE-2016-8884The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 ...
CVE-2016-8882The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer bef ...
CVE-2016-8693Double free vulnerability in the mem_close function in jas_stream.c in ...
CVE-2016-8692The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2016-8691The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...
CVE-2016-8690The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1 ...
CVE-2016-8654A heap-buffer overflow vulnerability was found in QMFB code in JPC cod ...
CVE-2016-2116Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900. ...
CVE-2016-2089The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows rem ...
CVE-2016-1867The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers ...
CVE-2016-1577Double free vulnerability in the jas_iccattrval_destroy function in Ja ...
CVE-2016-10251Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in Jas ...
CVE-2016-10250The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 a ...
CVE-2016-10249Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in Ja ...
CVE-2015-8751
CVE-2015-5221Use-after-free vulnerability in the mif_process_cmpt function in libja ...
CVE-2015-5203Double free vulnerability in the jasper_image_stop_load function in Ja ...
CVE-2014-9029Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jp ...
CVE-2014-8158Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...
CVE-2014-8157Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...
CVE-2014-8138Heap-based buffer overflow in the jp2_decode function in JasPer 1.900. ...
CVE-2014-8137Double free vulnerability in the jas_iccattrval_destroy function in Ja ...
CVE-2011-4517The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.90 ...
CVE-2011-4516Heap-based buffer overflow in the jpc_cox_getcompparms function in lib ...
CVE-2008-3522Buffer overflow in the jas_stream_printf function in libjasper/base/ja ...
CVE-2008-3521Race condition in the jas_stream_tmpfile function in libjasper/base/ja ...
CVE-2008-3520Multiple integer overflows in JasPer 1.900.1 might allow context-depen ...
CVE-2007-2721The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG- ...

Security announcements

DSA / DLADescription
DLA-1628-2jasper - regression update
DLA-1628-1jasper - security update
DLA-1583-1jasper - security update
DLA-920-1jasper - security update
DSA-3827-1jasper - security update
DSA-3785-1jasper - security update
DLA-739-1jasper - security update
DSA-3508-1jasper - security update
DSA-3508-1jasper - security update
DLA-138-1jasper - security update
DSA-3138-1jasper - security update
DLA-121-1jasper - security update
DSA-3106-1jasper - security update
DLA-101-1jasper - security update
DSA-3089-1jasper - security update
DSA-2371-1jasper - buffer overflows
DSA-2371-1jasper - buffer overflows
DSA-2036-1jasper - denial of service

Search for package or bug name: Reporting problems