Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#17272 closed enhancement (fixed)

jasper-4.0.0 (Security update)

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: elevated Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New major version.

Change History (4)

comment:1 by Bruce Dubbs, 3 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 years ago

Priority: normalelevated
Summary: jasper-4.0.0jasper-4.0.0 (Security update)

4.0.0 (2022-11-05)

  • Improve static linking.
  • Fix path relocation in mingw environment.
  • Improve logging and build scripts.
  • Improve JPEG-2000 conformance test results.
  • Enable PIC by default.
  • Fix memory leaks in function cmdopts_parse (CVE-2022-2963).
  • imgcmp: + Add quiet (-q) option. + Add debug-level option. + Fix memory leak.
  • imginfo: + Add quiet (-q) option.
  • Fix bug in parsing PGX header.
  • Fix integer overflow bug) (CVE-2022-40755).

comment:3 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at commit 

bf09c25c98 Update to btrfs-progs-v6.0.1.
b8e40524ec Update to jasper-4.0.0 (Security Update).
1ff37b5493 Update to mupdf-1.21.0.

comment:4 by Douglas R. Reno, 3 years ago

Issued SA-11.2-034

Note: See TracTickets for help on using tickets.