-
jasper (1.900.1-3ubuntu0.7.10.1) gutsy-security; urgency=low
* SECURITY UPDATE: integer overflows via integer multiplication for
memory allocation
- src/libjasper/include/jasper/jas_malloc.h,
src/libjasper/base/jas_malloc.c:
* introduce new size-checked allocation functions
- src/libjasper/base/jas_*.c,
src/libjasper/bmp/bmp_dec.c,
src/libjasper/jp2/jp2_*.c,
src/libjasper/jpc/jpc_*.c,
src/libjasper/mif/mif_cod.c:
* use new size-checked allocation functions
- CVE-2008-3520
* SECURITY UPDATE: denial of service via temporary file name prediction
- src/libjasper/base/jas_stream.c: use mkstemp()
- CVE-2008-3521
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
- src/libjasper/base/jas_stream.c: use vsnprintf()
- CVE-2008-3522
-- Marc Deslauriers <email address hidden> Wed, 18 Mar 2009 13:22:57 -0400
-
jasper (1.900.1-3) unstable; urgency=low
* Fixed segfaults on broken images (Closes: #413041)
jasper (1.900.1-2) experimental; urgency=low
* Added jas_tmr.h to -dev package (Closes: #414705)
jasper (1.900.1-1) experimental; urgency=low
* New upstream release
* debian/control:
- Standards-Version: 3.7.2
- Build-Depends: freeglut3-dev instead of libglut3-dev (Closes: #394496)
* Renamed packages to libjasper1, libjasper-dev, libjasper-runtime according
to upstream shared library naming change
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 27 Apr 2007 00:08:30 +0100
-
jasper (1.701.0-2) unstable; urgency=low
* Prevent compression of pdf documents in binary packages
* Added man pages for the executables (Closes: #250077)
* Again renamed binary packages to reflect Policy:
- libjasper-1.701-1
- libjasper-1.701-dev (Provides, Replaces and Conflicts: libjasper-dev)
- libjasper-runtime
-- Roland Stigge <email address hidden> Sun, 20 Jun 2004 13:54:10 +0200
