Format: 1.7
Date: Wed, 18 Mar 2009 14:36:50 -0400
Source: jasper
Binary: libjasper-runtime libjasper-1.701-dev libjasper-1.701-1
Architecture: sparc
Version: 1.701.0-2ubuntu0.6.06.1
Distribution: dapper
Urgency: low
Maintainer: Ubuntu/sparc Build Daemon <buildd@artigas.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libjasper-1.701-1 - The JasPer JPEG-2000 runtime library
 libjasper-1.701-dev - Development files for the JasPer JPEG-2000 library
 libjasper-runtime - Programs for manipulating JPEG-2000 files
Changes: 
 jasper (1.701.0-2ubuntu0.6.06.1) dapper-security; urgency=low
 .
   * SECURITY UPDATE: integer overflows via integer multiplication for
     memory allocation
     - src/libjasper/include/jasper/jas_malloc.h,
       src/libjasper/base/jas_malloc.c:
       * introduce new size-checked allocation functions
     - src/libjasper/base/jas_*.c,
       src/libjasper/bmp/bmp_dec.c,
       src/libjasper/jp2/jp2_*.c,
       src/libjasper/jpc/jpc_*.c,
       src/libjasper/mif/mif_cod.c:
       * use new size-checked allocation functions
     - CVE-2008-3520
   * SECURITY UPDATE: denial of service via temporary file name prediction
     - src/libjasper/base/jas_stream.c: use mkstemp()
     - CVE-2008-3521
   * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
     - src/libjasper/base/jas_stream.c: use vsnprintf()
     - CVE-2008-3522
   * debian/control: Specify a Section: for the source package
Files: 
 a9f4ba112f2bf58554120454072b57a8 133302 libs optional libjasper-1.701-1_1.701.0-2ubuntu0.6.06.1_sparc.deb
 a5863b651eaedfdff5c9deaacb26dbb9 623384 libdevel optional libjasper-1.701-dev_1.701.0-2ubuntu0.6.06.1_sparc.deb
 f711a38841e73fd99ef8146d8aca8eae 22492 graphics optional libjasper-runtime_1.701.0-2ubuntu0.6.06.1_sparc.deb