Format: 1.8 Date: Thu, 22 Jan 2015 12:49:54 -0500 Source: jasper Binary: libjasper1 libjasper-dev libjasper-runtime Architecture: arm64 Version: 1.900.1-debian1-2ubuntu0.2 Distribution: utopic Urgency: medium Maintainer: Ubuntu Build Daemon Changed-By: Marc Deslauriers Description: libjasper-dev - Development files for the JasPer JPEG-2000 library libjasper-runtime - Programs for manipulating JPEG-2000 files libjasper1 - JasPer JPEG-2000 runtime library Changes: jasper (1.900.1-debian1-2ubuntu0.2) utopic-security; urgency=medium . * SECURITY UPDATE: denial of service via crafted ICC color profile - debian/patches/05-CVE-2014-8137.patch: prevent double-free in src/libjasper/base/jas_icc.c, remove assert in src/libjasper/jp2/jp2_dec.c. - CVE-2014-8137 * SECURITY UPDATE: denial of service or code execution via invalid channel number - debian/patches/06-CVE-2014-8138.patch: validate channel number in src/libjasper/jp2/jp2_dec.c. - CVE-2014-8138 * SECURITY UPDATE: denial of service or code execution via off-by-one - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in src/libjasper/jpc/jpc_dec.c. - CVE-2014-8157 * SECURITY UPDATE: denial of service or code execution via memory corruption - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c. - CVE-2014-8158 Checksums-Sha1: 96dd5f40f602a9959a4366524d43cd72b37440e0 110928 libjasper1_1.900.1-debian1-2ubuntu0.2_arm64.deb b7ce21e298125fca52e3c00a2efa96af2ee5835f 504852 libjasper-dev_1.900.1-debian1-2ubuntu0.2_arm64.deb ce3519846b8eca0d706159d5d1d5cd22a626498c 19078 libjasper-runtime_1.900.1-debian1-2ubuntu0.2_arm64.deb Checksums-Sha256: d0e8afa1debf249bc8a2b533f23ddb579228f4569ef1b7ef758d7be95ea1a170 110928 libjasper1_1.900.1-debian1-2ubuntu0.2_arm64.deb ea7e5bc6e7d91f37345b32a313c96153dc6ace46eb125eede0d3a60840f72bdd 504852 libjasper-dev_1.900.1-debian1-2ubuntu0.2_arm64.deb 5122d29a0adad8adbc17efc03571d7286f130a18b7d3f7c2d36eeb181d1d8a51 19078 libjasper-runtime_1.900.1-debian1-2ubuntu0.2_arm64.deb Files: 15824e41126c17b9b19bded188111ba4 110928 libs optional libjasper1_1.900.1-debian1-2ubuntu0.2_arm64.deb fcd4703ddea05a7a977a98ac62c62f4a 504852 libdevel optional libjasper-dev_1.900.1-debian1-2ubuntu0.2_arm64.deb e6a160d19164543675763bc25acd7ff6 19078 graphics optional libjasper-runtime_1.900.1-debian1-2ubuntu0.2_arm64.deb Original-Maintainer: Roland Stigge