diff options
author | Markus Koschany <apo@debian.org> | 2019-04-14 18:13:05 +0200 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2019-04-14 18:13:05 +0200 |
commit | ca92180cd5e16fcbf0bc008e43ab876db54f0a7d (patch) | |
tree | fa17da7718e031e9bbef0f8adc34abbeb6d8f49e | |
parent | 6d9ec7201dcfa229e0cdf7f93c34b3d4a8509ebe (diff) |
DLA-1628-2 advisory
-rw-r--r-- | english/lts/security/2019/dla-1628-2.data | 9 | ||||
-rw-r--r-- | english/lts/security/2019/dla-1628-2.wml | 20 |
2 files changed, 29 insertions, 0 deletions
diff --git a/english/lts/security/2019/dla-1628-2.data b/english/lts/security/2019/dla-1628-2.data new file mode 100644 index 00000000000..494e6d72609 --- /dev/null +++ b/english/lts/security/2019/dla-1628-2.data @@ -0,0 +1,9 @@ +<define-tag pagetitle>DLA-1628-2 jasper</define-tag> +<define-tag report_date>2019-4-13</define-tag> +<define-tag packages>jasper</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2019/dla-1628-2.wml b/english/lts/security/2019/dla-1628-2.wml new file mode 100644 index 00000000000..3420736a862 --- /dev/null +++ b/english/lts/security/2019/dla-1628-2.wml @@ -0,0 +1,20 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>The update of jasper issued as DLA-1628-1 caused a regression due to +the fix for <a href="https://security-tracker.debian.org/tracker/CVE-2018-19542">CVE-2018-19542</a>, a NULL pointer dereference in the function +jp2_decode, which could lead to a denial-of-service. In some cases not +only invalid jp2 files but also valid jp2 files were rejected.</p> + +<p>For Debian 8 <q>Jessie</q>, this problem has been fixed in version +1.900.1-debian1-2.4+deb8u6.</p> + +<p>We recommend that you upgrade your jasper packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a rel="nofollow" href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2019/dla-1628-2.data" +# $Id: $ |