Advisories ยป MGASA-2020-0463

Updated jasper packages fix security vulnerability

Publication date: 17 Dec 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-27828

Description

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted
input provided to jasper by an attacker could cause an arbitrary out-of-bounds
write. This could potentially affect data confidentiality, integrity, or
application availability (CVE-2020-27828).
                

References

SRPMS

7/core