-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 22 Jan 2015 16:39:58 +0100 Source: jasper Binary: libjasper1 libjasper-dev libjasper-runtime Architecture: source amd64 Version: 1.900.1-13+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Roland Stigge <stigge@antcom.de> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libjasper-dev - Development files for the JasPer JPEG-2000 library libjasper-runtime - Programs for manipulating JPEG-2000 files libjasper1 - JasPer JPEG-2000 runtime library Closes: 775970 Changes: jasper (1.900.1-13+deb7u3) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add 07-CVE-2014-8157.patch patch. CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot(). (Closes: #775970) * Add 08-CVE-2014-8158.patch patch. CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970) Checksums-Sha1: d1690d295c1c1dfe3dba7bb88ef5cc2483ba0aa9 1878 jasper_1.900.1-13+deb7u3.dsc c2dd86e61c07a04609773fb840ff0796c436fe30 33864 jasper_1.900.1-13+deb7u3.debian.tar.gz a53462f64291a92821885b624e92b302115785b1 160120 libjasper1_1.900.1-13+deb7u3_amd64.deb ec0e6e78c999e26726621363b3993ab595fd1bf6 569224 libjasper-dev_1.900.1-13+deb7u3_amd64.deb f0c2c136fcf7c14a9e33ee74ceb2f6d38beb9678 27274 libjasper-runtime_1.900.1-13+deb7u3_amd64.deb Checksums-Sha256: 6be5b2a5d45bf4de081e218fb01f12cf20e8436a602a8b289f273c1683038148 1878 jasper_1.900.1-13+deb7u3.dsc 4440e323793fe8fb9de352a4460b28a7a58b78cd269c8e778ea5cc026e5b6b9e 33864 jasper_1.900.1-13+deb7u3.debian.tar.gz 656500ae418c6a6a00c70916571c3455dee5745cc4f166862d40eee44e273a13 160120 libjasper1_1.900.1-13+deb7u3_amd64.deb 2cfe9bf82564958f5d20acdba9eb87c9ff9e9cc104baefca1a5d576079125c7c 569224 libjasper-dev_1.900.1-13+deb7u3_amd64.deb 45ffc604726b7fe5496e4cf87658cb7c8d525002d6b679287e51703709674c74 27274 libjasper-runtime_1.900.1-13+deb7u3_amd64.deb Files: 925fc6931d68b53e2ec1f4afcd35e04f 1878 graphics optional jasper_1.900.1-13+deb7u3.dsc 9765c9bd45d2d6f0ac5d73c4a1c42c79 33864 graphics optional jasper_1.900.1-13+deb7u3.debian.tar.gz a210810924e691c6ca2452629bc617b5 160120 libs optional libjasper1_1.900.1-13+deb7u3_amd64.deb 5e99aebc6c62cde98edcc7e80837da6c 569224 libdevel optional libjasper-dev_1.900.1-13+deb7u3_amd64.deb df449eb8ce10177b0a2b242b609f3b38 27274 graphics optional libjasper-runtime_1.900.1-13+deb7u3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUwRrCAAoJEAVMuPMTQ89Ei2MQAIub9nsV6DaFfWmfTdFAAFti 8zF6vWmRthNLJO6SBxhGEG/HrNq7R4Xhg8+1hWFHDNnsWwqkXja44g24vMJVxG/5 3PYMv+npp3aoxZhQG8Of1B7rqEgh5jWd780ikKjGEJMet4QmbgYOCrtx8B2LYXGU W6xUEEBuhIRmNA/psNDE1T3PPBaqThchnbVWyLoeeULCc1xqza+PoGPKKcvToomj n3vjbq3L9HUqmMZvA/wba33keyBlkt19jnF/12uGwKJcf38RWyrcl46enBP2hfZ8 5+ZmZN1JM8R5QFnjrJ85rs2GFbKLtl12k27bksKPPZSucjNBmCDccANMsgQPV2VX nIkQGxPOL9AIhCfL4L60YtI28IAjPShPyo+P1eQs6VcfiemalSL2DV+4Aeq99IT9 54CWo3C8oW+Cj5wPUOSqyYtkaEbRFZpZvYt9ib1tpVSGJbTD+rDax1dSjKfrMDSY aKoeXOl4oqM0YN9jxfEOdD/NJCS/sS9RX8w20TQ/CT9uqIJoJYKUJf2KnJE73vq2 rBIGtH/DKgsJaQpUStT9UKVG8It1DzpkaEMQhvGiedOAW+0AOWqWo3reamtw5zvu QHC34r97Xt1E6TAQaEOK0EZx6fZJnexXFVdmCisU5B6JvaeFV0vfZzP8ABFBvFDz nhxxpz7kDyZnJC8Dh8l4 =U4+p -----END PGP SIGNATURE-----
