JasPer: Multiple vulnerabilities
Multiple vulnerabilities have been found in JasPer, the worst of
which could result in a Denial of Service condition.
jasper
2019-08-09
2019-08-28
614028
614032
624988
629286
635552
662160
674154
674214
remote
2.0.16
JasPer is a software-based implementation of the codec specified in the
JPEG-2000 Part-1 standard.
Multiple vulnerabilities have been discovered in JasPer. Please review
the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
JasPer is no longer maintained upstream and contains many
vulnerabilities which remain unaddressed. Gentoo users are advised to
unmerge this package.
# emerge --unmerge media-libs/jasper
CVE-2017-1000050
CVE-2017-13745
CVE-2017-13746
CVE-2017-13747
CVE-2017-13748
CVE-2017-13749
CVE-2017-13750
CVE-2017-13751
CVE-2017-13752
CVE-2017-13753
CVE-2017-14132
CVE-2017-14229
CVE-2017-5503
CVE-2017-5504
CVE-2017-5505
CVE-2017-6851
CVE-2017-6852
CVE-2017-9782
CVE-2018-18873
CVE-2018-20584
CVE-2018-9055
CVE-2018-9154
b-man
b-man