1
Candidate: CVE-2016-9393
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9393
5
https://github.com/asarubbo/poc/blob/master/00013-jasper-assert-jpc_pi_nextrpcl (testcase)
6
http://www.openwall.com/lists/oss-security/2016/11/17/1
8
The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17
9
allows remote attackers to cause a denial of service (assertion failure)
13
mdeslaur> same commit as CVE-2016-9392
16
Discovered-by: Agostino Sarubbo
20
upstream: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
21
upstream_jasper: needs-triage
22
precise_jasper: ignored (reached end-of-life)
23
precise/esm_jasper: DNE (precise was needs-triage)
25
vivid/ubuntu-core_jasper: DNE
26
vivid/stable-phone-overlay_jasper: ignored (reached end-of-life)
28
yakkety_jasper: ignored (reached end-of-life)