Back to bug 747726
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Vincent Danen | 2011-10-20 20:51:37 UTC | CC | jpopelka | |
| Vincent Danen | 2011-10-20 21:00:51 UTC | Blocks | 747729 | |
| Huzaifa S. Sidhpurwala | 2011-10-26 10:22:25 UTC | Whiteboard | impact=important,public=no,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected | impact=important,public=20111204,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected |
| Huzaifa S. Sidhpurwala | 2011-10-26 10:24:12 UTC | Depends On | 749149 | |
| Huzaifa S. Sidhpurwala | 2011-10-26 10:24:24 UTC | Depends On | 749150 | |
| Vincent Danen | 2011-12-02 16:18:07 UTC | Whiteboard | impact=important,public=20111204,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected |
| Vincent Danen | 2011-12-05 22:52:53 UTC | Summary | EMBARGOED jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) | EMBARGOED CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) |
| Alias | CVE-2011-4516, CVE-2011-4517 | |||
| Huzaifa S. Sidhpurwala | 2011-12-07 06:24:42 UTC | Whiteboard | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected |
| Huzaifa S. Sidhpurwala | 2011-12-07 06:40:08 UTC | Depends On | 760848 | |
| Huzaifa S. Sidhpurwala | 2011-12-07 06:40:24 UTC | Depends On | 760849 | |
| Huzaifa S. Sidhpurwala | 2011-12-07 06:40:36 UTC | Depends On | 760850 | |
| Huzaifa S. Sidhpurwala | 2011-12-07 07:45:26 UTC | CC | jnovy | |
| Jindrich Novy | 2011-12-07 12:49:37 UTC | Status | NEW | ON_QA |
| Tomas Hoger | 2011-12-07 13:01:03 UTC | Status | ON_QA | NEW |
| Huzaifa S. Sidhpurwala | 2011-12-09 03:34:05 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) | CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) | ||
| Huzaifa S. Sidhpurwala | 2011-12-09 03:35:06 UTC | Depends On | 765660 | |
| Huzaifa S. Sidhpurwala | 2011-12-09 03:35:16 UTC | Depends On | 765661 | |
| Huzaifa S. Sidhpurwala | 2011-12-09 03:35:24 UTC | Depends On | 765662 | |
| Huzaifa S. Sidhpurwala | 2011-12-09 03:35:32 UTC | Depends On | 765663 | |
| Huzaifa S. Sidhpurwala | 2011-12-09 03:35:44 UTC | Depends On | 765664 | |
| Iveta Wiedermann | 2011-12-12 09:21:03 UTC | CC | isenfeld | |
| Vincent Danen | 2012-08-10 17:30:07 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2012-08-10 13:30:07 UTC | |||
| Martin Prpič | 2015-03-16 16:20:30 UTC | Doc Text | A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code. | |
| Vasyl Kaigorodov | 2015-03-17 12:34:10 UTC | Blocks | 1167538 | |
| Vincent Danen | 2015-10-15 21:19:51 UTC | Whiteboard | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=notaffected,rhel-4/netpbm=affected,rhel-5/netpbm=affected |
| Ján Rusnačko | 2015-11-24 14:42:57 UTC | Whiteboard | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=notaffected,rhel-4/netpbm=affected,rhel-5/netpbm=affected | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected |
| Ján Rusnačko | 2016-03-04 12:47:12 UTC | Whiteboard | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected,cwe=CWE-122[auto] |
| Tomas Hoger | 2016-11-24 10:55:02 UTC | Fixed In Version | jasper 1.900.5 | |
| Miroslav Hradílek | 2018-11-20 10:55:30 UTC | CC | huzaifas, mhradile | |
| Flags | needinfo?(huzaifas) | |||
| Huzaifa S. Sidhpurwala | 2018-11-21 03:57:09 UTC | Flags | needinfo?(huzaifas) | |
| Product Security DevOps Team | 2019-09-29 12:48:01 UTC | Whiteboard | impact=important,public=20111208,reported=20111020,source=cert,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,fedora-all/jasper=affected,epel-4/jasper=affected,epel-5/jasper=affected,epel-5/mingw32-jasper=affected,fedora-all/mingw32-jasper=affected,rhel-6/jasper=affected,rhel-4/netpbm=affected,rhel-5/netpbm=affected,cwe=CWE-122[auto] | |
| Doran Moppert | 2020-06-17 08:30:51 UTC | Blocks | 1314477 | |
| CC | amaris |
Back to bug 747726