FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jasper -- multiple vulnerabilities

Affected packages
jasper < 2.0.25

Details

VuXML ID 3a469cbc-7a66-11eb-bd3f-08002728f74c
Discovery 2021-02-07
Entry 2021-03-03

JasPer Releases:

- Fix memory-related bugs in the JPEG-2000 codec resulting from attempting to decode invalid code streams. (#264, #265)

This fix is associated with CVE-2021-26926 and CVE-2021-26927.

- Fix wrong return value under some compilers (#260)

- Fix CVE-2021-3272 heap buffer overflow in jp2_decode (#259)

References

CVE Name CVE-2021-26926
CVE Name CVE-2021-26927
CVE Name CVE-2021-3272
URL https://github.com/jasper-software/jasper/releases