← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2016-1867

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2016-1867
1
 
PublicDateAtUSN: 2016-01-20
2
 
Candidate: CVE-2016-1867
3
 
PublicDate: 2016-01-20
4
 
References:
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867
6
 
 http://seclists.org/oss-sec/2016/q1/84
7
 
 https://usn.ubuntu.com/usn/usn-3295-1
8
 
Description:
9
 
 The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to
10
 
 cause a denial of service (out-of-bounds read and application crash) via a
11
 
 crafted JPEG 2000 image.
12
 
Ubuntu-Description:
13
 
Notes:
14
 
 mdeslaur> fixed in (1.900.1-debian1-2.4+deb8u2)
15
 
Bugs:
16
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811023
17
 
Priority: low
18
 
Discovered-by:
19
 
Assigned-to:
20
 
 
21
 
Patches_jasper:
22
 
 upstream: https://github.com/mdadams/jasper/commit/980da43d8d388a67cac505e734423b2a5aa4cede
23
 
upstream_jasper: needs-triage
24
 
precise_jasper: ignored (reached end-of-life)
25
 
precise/esm_jasper: DNE (precise was needed)
26
 
trusty_jasper: released (1.900.1-14ubuntu3.4)
27
 
vivid_jasper: ignored (reached end-of-life)
28
 
vivid/stable-phone-overlay_jasper: ignored (reached end-of-life)
29
 
vivid/ubuntu-core_jasper: DNE
30
 
wily_jasper: ignored (reached end-of-life)
31
 
xenial_jasper: released (1.900.1-debian1-2.4ubuntu1.1)
32
 
yakkety_jasper: released (1.900.1-debian1-2.4+deb8u2build0.16.10.1)
33
 
zesty_jasper: DNE
34
 
devel_jasper: DNE