1
Candidate: CVE-2016-9394
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9394
5
https://github.com/asarubbo/poc/blob/master/00016-jasper-assert-jas_matrix_t (testcase)
6
http://www.openwall.com/lists/oss-security/2016/11/17/1
8
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows
9
remote attackers to cause a denial of service (assertion failure) via a
13
mdeslaur> same commit as CVE-2016-9392
16
Discovered-by: Agostino Sarubbo
20
upstream: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
21
upstream_jasper: needs-triage
22
precise_jasper: ignored (reached end-of-life)
23
precise/esm_jasper: DNE (precise was needs-triage)
25
vivid/ubuntu-core_jasper: DNE
26
vivid/stable-phone-overlay_jasper: ignored (reached end-of-life)
28
yakkety_jasper: ignored (reached end-of-life)