-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:142-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : jasper Date : December 3, 2009 Affected: 2008.0 _______________________________________________________________________ Problem Description: Multiple security vulnerabilities has been identified and fixed in jasper: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert (CVE-2007-2721). Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation (CVE-2008-3520). The jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to overwrite arbitrary files via a symlink attack on a tmp.XXXXXXXXXX temporary file (CVE-2008-3521). Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (CVE-2008-3522). The updated packages have been patched to prevent this. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 5f9c8dfae30f0cadf061de621b8c8001 2008.0/i586/jasper-1.900.1-2.1mdv2008.0.i586.rpm 31a18f0fd0eaf9fe8fbc3152716c5a97 2008.0/i586/libjasper1-1.900.1-2.1mdv2008.0.i586.rpm c19c0a59243be390523cfeb26362e177 2008.0/i586/libjasper1-devel-1.900.1-2.1mdv2008.0.i586.rpm 88a5c06798169a312935e33918194286 2008.0/i586/libjasper1-static-devel-1.900.1-2.1mdv2008.0.i586.rpm 16072736699b72d0d545a3b632fa0d70 2008.0/SRPMS/jasper-1.900.1-2.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 387d1e14ef8069d239bff354726b26cb 2008.0/x86_64/jasper-1.900.1-2.1mdv2008.0.x86_64.rpm 2ab7bf2550e00e423b511b5921a103b3 2008.0/x86_64/lib64jasper1-1.900.1-2.1mdv2008.0.x86_64.rpm 5abd166c380e4ed1cc9b925b5d0f1845 2008.0/x86_64/lib64jasper1-devel-1.900.1-2.1mdv2008.0.x86_64.rpm 36e2d6ef0ceb0ffdfa88265a9b016173 2008.0/x86_64/lib64jasper1-static-devel-1.900.1-2.1mdv2008.0.x86_64.rpm 16072736699b72d0d545a3b632fa0d70 2008.0/SRPMS/jasper-1.900.1-2.1mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLGBu5mqjQ0CJFipgRAnnxAKC1Yqp3matYvYtzco9NCLtW6KlsNgCgjIzw PL7nkNJNn62nP+NYytohvZk= =f+gJ -----END PGP SIGNATURE-----
