Format: 1.7
Date: Wed, 18 Mar 2009 14:36:50 -0400
Source: jasper
Binary: libjasper-runtime libjasper-1.701-dev libjasper-1.701-1
Architecture: powerpc
Version: 1.701.0-2ubuntu0.6.06.1
Distribution: dapper
Urgency: low
Maintainer: Ubuntu/powerpc Build Daemon <buildd@ross.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libjasper-1.701-1 - The JasPer JPEG-2000 runtime library
 libjasper-1.701-dev - Development files for the JasPer JPEG-2000 library
 libjasper-runtime - Programs for manipulating JPEG-2000 files
Changes: 
 jasper (1.701.0-2ubuntu0.6.06.1) dapper-security; urgency=low
 .
   * SECURITY UPDATE: integer overflows via integer multiplication for
     memory allocation
     - src/libjasper/include/jasper/jas_malloc.h,
       src/libjasper/base/jas_malloc.c:
       * introduce new size-checked allocation functions
     - src/libjasper/base/jas_*.c,
       src/libjasper/bmp/bmp_dec.c,
       src/libjasper/jp2/jp2_*.c,
       src/libjasper/jpc/jpc_*.c,
       src/libjasper/mif/mif_cod.c:
       * use new size-checked allocation functions
     - CVE-2008-3520
   * SECURITY UPDATE: denial of service via temporary file name prediction
     - src/libjasper/base/jas_stream.c: use mkstemp()
     - CVE-2008-3521
   * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
     - src/libjasper/base/jas_stream.c: use vsnprintf()
     - CVE-2008-3522
   * debian/control: Specify a Section: for the source package
Files: 
 e1253e0a77c84326db1dac4317ca196d 142700 libs optional libjasper-1.701-1_1.701.0-2ubuntu0.6.06.1_powerpc.deb
 fec9bc6cacf18fb5fbe42183e9dbdf08 624160 libdevel optional libjasper-1.701-dev_1.701.0-2ubuntu0.6.06.1_powerpc.deb
 31413f853f0a0ce38ed6355200f377f5 27932 graphics optional libjasper-runtime_1.701.0-2ubuntu0.6.06.1_powerpc.deb