-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:164 http://www.mandriva.com/security/ _______________________________________________________________________ Package : jasper Date : July 28, 2009 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple security vulnerabilities has been identified and fixed in jasper: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert (CVE-2007-2721). Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation (CVE-2008-3520). The jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to overwrite arbitrary files via a symlink attack on a tmp.XXXXXXXXXX temporary file (CVE-2008-3521). Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (CVE-2008-3522). The updated packages have been patched to prevent this. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: 65be0f80702a82e764c61805d327b498 mes5/i586/jasper-1.900.1-4.2mdvmes2009.0.i586.rpm dad6f9fe7a3e34d58408068b2203df97 mes5/i586/libjasper1-1.900.1-4.2mdvmes2009.0.i586.rpm f628a7ae56773d45ef2bf6f1965e6915 mes5/i586/libjasper1-devel-1.900.1-4.2mdvmes2009.0.i586.rpm cdd85d00b6236fa78ba29a741080c780 mes5/i586/libjasper1-static-devel-1.900.1-4.2mdvmes2009.0.i586.rpm c27ccae2e89a1c0b7e785c475e6c8741 mes5/SRPMS/jasper-1.900.1-4.2mdvmes2009.0.src.rpm Mandriva Enterprise Server 5/X86_64: 91583c2f79ffb59d66eb9d7d8361a91a mes5/x86_64/jasper-1.900.1-4.2mdvmes2009.0.x86_64.rpm 3af36a7c96312a184f548a3c929b9e7b mes5/x86_64/lib64jasper1-1.900.1-4.2mdvmes2009.0.x86_64.rpm 3b4a398cc3713fc70e67c78fcc28642d mes5/x86_64/lib64jasper1-devel-1.900.1-4.2mdvmes2009.0.x86_64.rpm 980c64c57ce98446a5e8c283bb19e94b mes5/x86_64/lib64jasper1-static-devel-1.900.1-4.2mdvmes2009.0.x86_64.rpm c27ccae2e89a1c0b7e785c475e6c8741 mes5/SRPMS/jasper-1.900.1-4.2mdvmes2009.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKbyqAmqjQ0CJFipgRApxwAKDD1rSkAxz2hSzo8MD/hs7NUN6+AgCcDgZT 36G+ZngpJJoKC4y6gmnm23E= =DZMY -----END PGP SIGNATURE-----
