-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Jan 2019 22:59:23 +0100 Source: jasper Binary: libjasper1 libjasper-dev libjasper-runtime Architecture: source amd64 Version: 1.900.1-debian1-2.4+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Roland Stigge <stigge@antcom.de> Changed-By: Markus Koschany <apo@debian.org> Description: libjasper-dev - Development files for the JasPer JPEG-2000 library libjasper-runtime - Programs for manipulating JPEG-2000 files libjasper1 - JasPer JPEG-2000 runtime library Changes: jasper (1.900.1-debian1-2.4+deb8u5) jessie-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2018-18873, CVE-2018-19139, CVE-2018-19539, CVE-2018-19540, CVE-2018-19541, CVE-2018-19542, CVE-2018-20570, CVE-2018-20584 and CVE-2018-20622. * Multiple issues were found in the JasPer JPEG-2000 library that could lead to a denial-of-service (application crash), memory leaks and potentially the execution of arbitrary code if a malformed image file is processed. Checksums-Sha1: 8c358e318ce7861a4c1edb702f5c910215926e8c 2120 jasper_1.900.1-debian1-2.4+deb8u5.dsc 0fdce78855994a340e9daf1ba52a40a46f8bbdc2 40220 jasper_1.900.1-debian1-2.4+deb8u5.debian.tar.xz ecc642ab2115172b751be28af5e16329cf92e873 135374 libjasper1_1.900.1-debian1-2.4+deb8u5_amd64.deb caffb0059b282eaee45fa9ebde273386ee53febc 525636 libjasper-dev_1.900.1-debian1-2.4+deb8u5_amd64.deb aff483e29b546f95edfb5e20b83a8909e457c9fd 23776 libjasper-runtime_1.900.1-debian1-2.4+deb8u5_amd64.deb Checksums-Sha256: 5977b748da5ced64de8abcf0b31efc015ed4fdb626266c98207873a634397ebc 2120 jasper_1.900.1-debian1-2.4+deb8u5.dsc 56f624ee083d13ae8a779266458023f82356a8cc114ce713d668755a3069438a 40220 jasper_1.900.1-debian1-2.4+deb8u5.debian.tar.xz 7a486c870df7fe0f7ced60399dd28cdaba749446fb2e0f895608f9360288efa3 135374 libjasper1_1.900.1-debian1-2.4+deb8u5_amd64.deb 07142f06bd6624232862b070aa7656efe56dabb060028a2999de9b65eb3e0d0f 525636 libjasper-dev_1.900.1-debian1-2.4+deb8u5_amd64.deb 11a2bc8015dbaa639815a10d8b201e2f179256ed6b9a9f400cd981bfed703f39 23776 libjasper-runtime_1.900.1-debian1-2.4+deb8u5_amd64.deb Files: f0d53c6641ec01c8b9dfb3ae605fce37 2120 graphics optional jasper_1.900.1-debian1-2.4+deb8u5.dsc 1d29e49e80a382b698cd04f7e6f7db58 40220 graphics optional jasper_1.900.1-debian1-2.4+deb8u5.debian.tar.xz 321e94ff89554353e91533cb2ac0f783 135374 libs optional libjasper1_1.900.1-debian1-2.4+deb8u5_amd64.deb 67fe2525521d7c94811f41d1fdc7e99c 525636 libdevel optional libjasper-dev_1.900.1-debian1-2.4+deb8u5_amd64.deb d00dea3a5309d4aaed43bf956a2f3658 23776 graphics optional libjasper-runtime_1.900.1-debian1-2.4+deb8u5_amd64.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlwtNhxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkRoAP/jz3raCvnt48ppN8em32Hog8Dao9XF4da1fN 3xgcpvfzxTScXiAWFJkNwF0YEA3b+pSazjUqd6XACgzr5fVIWqMBRt0plKKd5oHN v9JgC79nEw6T3gJS2G+/kYxWOBrH3YaugRLgHr1D1teHoXazi3apIk2oB8K+v8ir QwEh1JsJiCcg8Ku+qMSSgqKPbCvbQTszp+aloacc6NK9/gV8NUiArmQmSSCW1A45 qn5uGx2AIz9DMY3qpkdcg+KsYI0LUNKUeI2BK04zHiYE8vYCC8nosMbSW8RQRWmG l1BWzb3S2KA4k0HCLPNNAdiesocxM4OZyO6XM4w+sVmmZbJ7QtzsDEulTzee50P/ dlDKmO09pcEn+BXAYtCaP50bKLevn8Ed/Vmi6FXhBo+70RyOMZbbfgRW+ZfxmG65 yDmYMBEiuoral3YRilvWi5Yf1YCfaI/8h6/EI0GrO5EC2p6EXvnm1C2+Z06FZ2WZ mlWfYv+cHyackbHD6nVEQdWVFSm9glU2yeVstjXiIpPquvTBj8LnqApEyqUKdxp7 tp1LXs5DsHBuAHqloDmApYpdnCpO6w8jkbeVuDwDHUzmoyoQEMUBD/mIBe4o4daS Hb3+pNOXPBVboLZe/l+f5iYz0Yymo94Tr8bScZF6kAnhepZVolJlsp0c2F1q+4BD 2W11GwQl =sZEL -----END PGP SIGNATURE-----
