Back to bug 1388864
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-10-26 10:47:30 UTC | Blocks | 1388871 | |
| Adam Mariš | 2016-10-26 10:49:41 UTC | Depends On | 1388873 | |
| Adam Mariš | 2016-10-26 10:49:51 UTC | Depends On | 1388874 | |
| Adam Mariš | 2016-10-26 10:50:00 UTC | Depends On | 1388875 | |
| Adam Mariš | 2016-10-26 10:50:10 UTC | Depends On | 1388876 | |
| Tomas Hoger | 2016-11-29 09:39:38 UTC | Blocks | 1388871 | |
| Tomas Hoger | 2016-11-29 09:42:43 UTC | Blocks | 1314477 | |
| Tomas Hoger | 2016-12-15 13:03:05 UTC | Priority | medium | high |
| Status | NEW | CLOSED | ||
| Fixed In Version | jasper 1.900.5 | |||
| Resolution | --- | ERRATA | ||
| Summary | CVE-2016-8881 jasper: Heap buffer overflow in jpc_getuint16() | CVE-2016-8881 jasper: insufficient memory allocation in jpc_crg_getparms() | ||
| Whiteboard | impact=moderate,public=20161017,reported=20161017,source=oss-security,cvss2=5.8/AV:N/AC:M/Au:N/C:N/I:P/A:P,cvss3=5.1/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-122,rhel-5/netpbm=new,rhel-6/jasper=new,rhel-7/jasper=new,openshift-enterprise-2/jasper=new,rhev-m-3/mingw-virt-viewer=new,fedora-all/jasper=affected,fedora-all/mingw-jasper=affected,epel-5/jasper=affected,epel-7/mingw-jasper=affected | impact=important,public=20161017,reported=20161017,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-122,rhel-5/netpbm=affected,rhel-6/jasper=affected,rhel-7/jasper=notaffected,rhev-m-3/mingw-virt-viewer=affected,fedora-all/jasper=notaffected,fedora-all/mingw-jasper=notaffected,epel-5/jasper=notaffected,epel-7/mingw-jasper=notaffected | ||
| Severity | medium | high | ||
| Last Closed | 2016-12-15 08:03:05 UTC | |||
| Andrej Nemec | 2017-01-18 09:39:51 UTC | Summary | CVE-2016-8881 jasper: insufficient memory allocation in jpc_crg_getparms() | CVE-2016-8881 Rejected: CVE-2016-8881 |
| Tomas Hoger | 2017-01-18 10:22:22 UTC | Summary | CVE-2016-8881 Rejected: CVE-2016-8881 | CVE-2016-8881 jasper: insufficient memory allocation in jpc_crg_getparms() (rejected duplicate of CVE-2011-4517) |
| Product Security DevOps Team | 2019-09-29 13:58:49 UTC | Whiteboard | impact=important,public=20161017,reported=20161017,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-122,rhel-5/netpbm=affected,rhel-6/jasper=affected,rhel-7/jasper=notaffected,rhev-m-3/mingw-virt-viewer=affected,fedora-all/jasper=notaffected,fedora-all/mingw-jasper=notaffected,epel-5/jasper=notaffected,epel-7/mingw-jasper=notaffected | |
| Doran Moppert | 2020-06-17 08:40:02 UTC | Resolution | ERRATA | DUPLICATE |
Back to bug 1388864