blob: 488bea9fbdad37a8fedcfd7ea44d1e80c848780a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>An off-by-one flaw, leading to a heap-based buffer overflow
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-8157">CVE-2014-8157</a>), and an unrestricted stack memory use flaw
(<a href="https://security-tracker.debian.org/tracker/CVE-2014-8158">CVE-2014-8158</a>) were found in JasPer, a library for manipulating
JPEG-2000 files. A specially crafted file could cause an application
using JasPer to crash or, possibly, execute arbitrary code.</p>
<p>For Debian 6 <q>Squeeze</q>, these issues have been fixed in jasper version 1.900.1-7+squeeze4</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/lts/security/2015/dla-138.data"
# $Id$
|