| Errata ID | 300 |
|---|---|
| Date | 2018-02-14 |
| Source package | jasper |
| Fixed in version | 1.900.1-debian1-2.4+deb8u3 |
| Description | This update addresses the following issues:<br>* Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow. (CVE-2016-10249)<br>* Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value. (CVE-2016-10251)<br>* Use-after-free on heap in jas_matrix_destroy (CVE-2016-9591) |
| Additional notes | |
| CVE ID | CVE-2016-10249, CVE-2016-10251, CVE-2016-9591 |
| UCS Bug number | #44332 |
