Packages
- jasper - Library for manipulating JPEG-2000 files
Details
It was discovered that JasPer incorrectly handled certain malformed
JPEG-2000 image files. If a user or automated system using JasPer were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service or possibly execute code with the
privileges of the user invoking the program.
It was discovered that JasPer incorrectly handled certain malformed
JPEG-2000 image files. If a user or automated system using JasPer were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service or possibly execute code with the
privileges of the user invoking the program.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 16.04 LTS xenial | libjasper1 – 1.900.1-debian1-2.4ubuntu1.1 | ||
| 14.04 LTS trusty | libjasper1 – 1.900.1-14ubuntu3.4 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
- CVE-2016-9591
- CVE-2016-9560
- CVE-2016-8882
- CVE-2016-8693
- CVE-2016-8692
- CVE-2016-8691
- CVE-2016-8654
- CVE-2016-2089
- CVE-2016-1867
- CVE-2016-10251
- CVE-2016-9591
- CVE-2016-9560
- CVE-2016-8882
- CVE-2016-8693
- CVE-2016-8692
- CVE-2016-8691
- CVE-2016-8654
- CVE-2016-2089
- CVE-2016-1867
- CVE-2016-10251
- CVE-2016-10249