Package libjasper updated to version 2.0.27-alt1 for branch sisyphus in task 268170.

Published: 2021-03-25
Modified: 2024-11-21

CVE-2021-3443

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1939233
https://bugzilla.redhat.com/show_bug.cgi?id=1939233

Published: 2021-03-25
Modified: 2024-11-21

CVE-2021-3467

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1942097
https://bugzilla.redhat.com/show_bug.cgi?id=1942097
FEDORA-2021-2213a29364
FEDORA-2021-2213a29364

Version: 2.1.0

Package libjasper update in sisyphus on 2021-03-24

ALT-PU-2021-1542-1

Closed vulnerabilities

CVE-2021-3443

CVE-2021-3467