Advisories ยป MGASA-2018-0281

Updated jasper packages fix security vulnerabilities

Publication date: 14 Jun 2018
Modification date: 14 Jun 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2016-9396 , CVE-2018-9055

Description

Updated japser packages fix security vulnerabilities:

An assertion failure was possible to trigger in JPC_NOMINALGAIN
(CVE-2016-9396).

Denial of service via a reachable assertion in the function jpc_firstone in
libjasper/jpc/jpc_math.c could lead to denial of service (CVE-2018-9055).
                

References

SRPMS

6/core

5/core