Back to bug 1388831
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-10-26 10:48:16 UTC | Blocks | 1388871 | |
| Adam Mariš | 2016-10-26 10:49:41 UTC | Depends On | 1388873 | |
| Adam Mariš | 2016-10-26 10:49:51 UTC | Depends On | 1388874 | |
| Adam Mariš | 2016-10-26 10:50:00 UTC | Depends On | 1388875 | |
| Adam Mariš | 2016-10-26 10:50:10 UTC | Depends On | 1388876 | |
| Adam Mariš | 2016-10-26 13:01:22 UTC | Fixed In Version | jasper 1.900.14, jasper 1.900.13, jasper 1.900.12, jasper 1.900.11, jasper 1.900.10, jasper 1.900.9 | jasper 1.900.9 |
| Tomas Hoger | 2016-11-29 09:39:38 UTC | Blocks | 1388871 | |
| Tomas Hoger | 2016-11-29 09:42:43 UTC | Blocks | 1314477 | |
| Tomas Hoger | 2016-11-30 15:21:14 UTC | Status | NEW | CLOSED |
| Resolution | --- | DUPLICATE | ||
| Summary | CVE-2016-8884 CVE-2016-8885 jasper: Null pointer dereference in bmp_getdata (incomplete fix for CVE-2016-8690) | jasper: Null pointer dereference in bmp_getdata (incomplete fix for CVE-2016-8690) | ||
| Alias | CVE-2016-8884, CVE-2016-8885 | |||
| Last Closed | 2016-11-30 10:21:14 UTC | |||
| Tomas Hoger | 2016-11-30 21:46:46 UTC | Summary | jasper: Null pointer dereference in bmp_getdata (incomplete fix for CVE-2016-8690) | jasper: missing jas_matrix_create() parameter checks (incomplete fix for CVE-2016-8690) |
| Whiteboard | impact=low,public=20161018,reported=20161018,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.0/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L,cwe=CWE-476,rhel-5/netpbm=new,rhel-6/jasper=new,rhel-7/jasper=new,openshift-enterprise-2/jasper=new,rhev-m-3/mingw-virt-viewer=new,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected | impact=moderate,public=20161015,reported=20161015,source=oss-security,cvss2=AV:N/AC:H/Au:N/C:P/I:P/A:P,cvss3=7.0/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,rhel-5/netpbm=wontfix,rhel-6/jasper=affected,rhel-7/jasper=affected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected | ||
| Tomas Hoger | 2016-11-30 22:25:01 UTC | Whiteboard | impact=moderate,public=20161015,reported=20161015,source=oss-security,cvss2=AV:N/AC:H/Au:N/C:P/I:P/A:P,cvss3=7.0/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,rhel-5/netpbm=wontfix,rhel-6/jasper=affected,rhel-7/jasper=affected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected | impact=moderate,public=20161015,reported=20161015,source=oss-security,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cvss3=7.0/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,rhel-5/netpbm=wontfix,rhel-6/jasper=affected,rhel-7/jasper=affected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected |
| Martin Prpič | 2016-12-01 07:36:48 UTC | Priority | low | medium |
| Severity | low | medium | ||
| Product Security DevOps Team | 2019-09-29 13:58:49 UTC | Whiteboard | impact=moderate,public=20161015,reported=20161015,source=oss-security,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cvss3=7.0/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,rhel-5/netpbm=wontfix,rhel-6/jasper=affected,rhel-7/jasper=affected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected |
Back to bug 1388831