Security update for jasper

Announcement ID:	SUSE-SU-2017:1901-1
Rating:	moderate
References:	bsc#1009994 bsc#1010756 bsc#1010757 bsc#1010766 bsc#1010774 bsc#1010782 bsc#1010968 bsc#1010975 bsc#1047958
Cross-References:	CVE-2016-9262 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2017-1000050
CVSS scores:	CVE-2016-9262 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2016-9262 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9388 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9389 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-9390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9390 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9391 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9391 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2016-9392 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9393 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9394 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2016-9394 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2017-1000050 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2017-1000050 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-1000050 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SLES for SAP Applications 11-SP4 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4

An update that solves nine vulnerabilities can now be installed.

Description:

This update for jasper fixes the following issues:

Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. (bsc#1009994) - CVE-2016-9388: The ras_getcmap function in ras_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010975) - CVE-2016-9389: The jpc_irct and jpc_iict functions in jpc_mct.c allow remote attackers to cause a denial of service (assertion failure). (bsc#1010968) - CVE-2016-9390: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. (bsc#1010774) - CVE-2016-9391: The jpc_bitstream_getbits function in jpc_bs.c allows remote attackers to cause a denial of service (assertion failure) via a very large integer. (bsc#1010782) - CVE-2017-1000050: The jp2_encode function in jp2_enc.c allows remote attackers to cause a denial of service. (bsc#1047958)

CVEs already fixed with previous update: - CVE-2016-9392: The calcstepsizes function in jpc_dec.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010757) - CVE-2016-9393: The jpc_pi_nextrpcl function in jpc_t2cod.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010766) - CVE-2016-9394: The jas_seq2d_create function in jas_seq.c allows remote attackers to cause a denial of service (assertion failure) via a crafted file. (bsc#1010756)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Software Development Kit 11 SP4
  zypper in -t patch sdksp4-jasper-13215=1
• SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch slessp4-jasper-13215=1
• SLES for SAP Applications 11-SP4
  zypper in -t patch slessp4-jasper-13215=1

Package List:

• SUSE Linux Enterprise Software Development Kit 11 SP4 (s390x x86_64 i586 ppc64 ia64)
  • libjasper-devel-1.900.14-134.33.3.1
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
  • libjasper-1.900.14-134.33.3.1
• SUSE Linux Enterprise Server 11 SP4 (ia64)
  • libjasper-x86-1.900.14-134.33.3.1
• SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64)
  • libjasper-32bit-1.900.14-134.33.3.1
• SLES for SAP Applications 11-SP4 (ppc64 x86_64)
  • libjasper-1.900.14-134.33.3.1
  • libjasper-32bit-1.900.14-134.33.3.1

References:

• https://www.suse.com/security/cve/CVE-2016-9262.html
• https://www.suse.com/security/cve/CVE-2016-9388.html
• https://www.suse.com/security/cve/CVE-2016-9389.html
• https://www.suse.com/security/cve/CVE-2016-9390.html
• https://www.suse.com/security/cve/CVE-2016-9391.html
• https://www.suse.com/security/cve/CVE-2016-9392.html
• https://www.suse.com/security/cve/CVE-2016-9393.html
• https://www.suse.com/security/cve/CVE-2016-9394.html
• https://www.suse.com/security/cve/CVE-2017-1000050.html
• https://bugzilla.suse.com/show_bug.cgi?id=1009994
• https://bugzilla.suse.com/show_bug.cgi?id=1010756
• https://bugzilla.suse.com/show_bug.cgi?id=1010757
• https://bugzilla.suse.com/show_bug.cgi?id=1010766
• https://bugzilla.suse.com/show_bug.cgi?id=1010774
• https://bugzilla.suse.com/show_bug.cgi?id=1010782
• https://bugzilla.suse.com/show_bug.cgi?id=1010968
• https://bugzilla.suse.com/show_bug.cgi?id=1010975
• https://bugzilla.suse.com/show_bug.cgi?id=1047958