Format: 1.8
Date: Thu, 22 Jan 2015 12:49:54 -0500
Source: jasper
Binary: libjasper1 libjasper-dev libjasper-runtime
Architecture: armhf
Version: 1.900.1-debian1-2ubuntu0.2
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu/armhf Build Daemon <buildd@kishi01.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libjasper-dev - Development files for the JasPer JPEG-2000 library
 libjasper-runtime - Programs for manipulating JPEG-2000 files
 libjasper1 - JasPer JPEG-2000 runtime library
Changes:
 jasper (1.900.1-debian1-2ubuntu0.2) utopic-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service via crafted ICC color profile
     - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
       src/libjasper/base/jas_icc.c, remove assert in
       src/libjasper/jp2/jp2_dec.c.
     - CVE-2014-8137
   * SECURITY UPDATE: denial of service or code execution via invalid
     channel number
     - debian/patches/06-CVE-2014-8138.patch: validate channel number in
       src/libjasper/jp2/jp2_dec.c.
     - CVE-2014-8138
   * SECURITY UPDATE: denial of service or code execution via off-by-one
     - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
       src/libjasper/jpc/jpc_dec.c.
     - CVE-2014-8157
   * SECURITY UPDATE: denial of service or code execution via memory
     corruption
     - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
       sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
     - CVE-2014-8158
Checksums-Sha1:
 06f83a12d4c5d851917174f3032045affb157e72 110624 libjasper1_1.900.1-debian1-2ubuntu0.2_armhf.deb
 0da238a130c4262e93f8918e9c6e4511906a2b1c 500244 libjasper-dev_1.900.1-debian1-2ubuntu0.2_armhf.deb
 b3604da04e3e3c0fa01d9a955fae83698eb81734 18732 libjasper-runtime_1.900.1-debian1-2ubuntu0.2_armhf.deb
Checksums-Sha256:
 7fa5a822c5e6e05b3874a4f671d707db4555899558edc5e563dc012a91e9d764 110624 libjasper1_1.900.1-debian1-2ubuntu0.2_armhf.deb
 bcab52eee1b6be76dd52644fcdb4f9afbfaaacfc10aaf6d7b239fd353c2bf411 500244 libjasper-dev_1.900.1-debian1-2ubuntu0.2_armhf.deb
 c42418d34abb4e1ec0f112d482d7d4d393d43550f8166e59f0181e2c6888893f 18732 libjasper-runtime_1.900.1-debian1-2ubuntu0.2_armhf.deb
Files:
 f22e4c60960fbcd40b43d36afcb3b644 110624 libs optional libjasper1_1.900.1-debian1-2ubuntu0.2_armhf.deb
 78508c49d1ac1b1361333e34ff8b5ae6 500244 libdevel optional libjasper-dev_1.900.1-debian1-2ubuntu0.2_armhf.deb
 cb1d6f3137a575b691c15c5bcc3660e4 18732 graphics optional libjasper-runtime_1.900.1-debian1-2ubuntu0.2_armhf.deb
Original-Maintainer: Roland Stigge <stigge@antcom.de>