Format: 1.8
Date: Thu, 22 Jan 2015 13:00:54 -0500
Source: jasper
Binary: libjasper1 libjasper-dev libjasper-runtime
Architecture: armhf
Version: 1.900.1-13ubuntu0.2
Distribution: precise
Urgency: medium
Maintainer: Ubuntu/armhf Build Daemon <buildd@kishi10.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libjasper-dev - Development files for the JasPer JPEG-2000 library
 libjasper-runtime - Programs for manipulating JPEG-2000 files
 libjasper1 - JasPer JPEG-2000 runtime library
Changes: 
 jasper (1.900.1-13ubuntu0.2) precise-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service via crafted ICC color profile
     - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
       src/libjasper/base/jas_icc.c, remove assert in
       src/libjasper/jp2/jp2_dec.c.
     - CVE-2014-8137
   * SECURITY UPDATE: denial of service or code execution via invalid
     channel number
     - debian/patches/06-CVE-2014-8138.patch: validate channel number in
       src/libjasper/jp2/jp2_dec.c.
     - CVE-2014-8138
   * SECURITY UPDATE: denial of service or code execution via off-by-one
     - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
       src/libjasper/jpc/jpc_dec.c.
     - CVE-2014-8157
   * SECURITY UPDATE: denial of service or code execution via memory
     corruption
     - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
       sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
     - CVE-2014-8158
Checksums-Sha1: 
 5a637fc381a9dc3aab253c2626e97afecc75bf5c 129332 libjasper1_1.900.1-13ubuntu0.2_armhf.deb
 ce8c41859d5d48cc580cdd410f04cfe57c2d01bd 534660 libjasper-dev_1.900.1-13ubuntu0.2_armhf.deb
 e0951fdc07443981272207162e9930814d15f2e4 21324 libjasper-runtime_1.900.1-13ubuntu0.2_armhf.deb
Checksums-Sha256: 
 1deecb52df2dc8d349277ec03baa6acf881cc129d7baf5c5570a3401cd121bf5 129332 libjasper1_1.900.1-13ubuntu0.2_armhf.deb
 ed4586cb5eccba33aaa0222426dd4325b33fbdcde7b158f6e9f94bf0bf07451a 534660 libjasper-dev_1.900.1-13ubuntu0.2_armhf.deb
 1322f2667434d406aa217050025e2b5908864a010eb814710fc6d9e32f048a80 21324 libjasper-runtime_1.900.1-13ubuntu0.2_armhf.deb
Files: 
 955ccd469e5340ce5008caea742d9af4 129332 libs optional libjasper1_1.900.1-13ubuntu0.2_armhf.deb
 6c6f5a2830db1f3c1fcb4b8020b8b921 534660 libdevel optional libjasper-dev_1.900.1-13ubuntu0.2_armhf.deb
 1d0e97d832ff41a99cc5b4e1bf56e39d 21324 graphics optional libjasper-runtime_1.900.1-13ubuntu0.2_armhf.deb
Original-Maintainer: Roland Stigge <stigge@antcom.de>