Bugzilla – Bug 1179748
VUL-0: CVE-2020-27828: jasper: Heap-buffer-overflow in libjasper/jpc/jpc_enc.c:629
Last modified: 2023-12-20 14:50:30 UTC
The following CVE was reported and fixed inside the jasper project upstream. https://github.com/jasper-software/jasper/issues/252 Heap-buffer-overflow in libjasper/jpc/jpc_enc.c:629 #252 References: https://access.redhat.com/security/cve/cve-2020-27828 https://github.com/jasper-software/jasper/pull/253 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27828
SRs accepted.
SUSE-SU-2021:14627-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1179748,1181483 CVE References: CVE-2020-27828,CVE-2021-3272 JIRA References: Sources used: SUSE Linux Enterprise Server 11-SP4-LTSS (src): jasper-1.900.14-134.33.20.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): jasper-1.900.14-134.33.20.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): jasper-1.900.14-134.33.20.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): jasper-1.900.14-134.33.20.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:0489-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1179748,1181483 CVE References: CVE-2020-27828,CVE-2021-3272 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): jasper-1.900.14-195.25.1 SUSE OpenStack Cloud Crowbar 8 (src): jasper-1.900.14-195.25.1 SUSE OpenStack Cloud 9 (src): jasper-1.900.14-195.25.1 SUSE OpenStack Cloud 8 (src): jasper-1.900.14-195.25.1 SUSE OpenStack Cloud 7 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP5 (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): jasper-1.900.14-195.25.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): jasper-1.900.14-195.25.1 HPE Helion Openstack 8 (src): jasper-1.900.14-195.25.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:0488-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1179748,1181483 CVE References: CVE-2020-27828,CVE-2021-3272 JIRA References: Sources used: SUSE Manager Server 4.0 (src): jasper-2.0.14-3.19.1 SUSE Manager Retail Branch Server 4.0 (src): jasper-2.0.14-3.19.1 SUSE Manager Proxy 4.0 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Server for SAP 15 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Server 15-LTSS (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): jasper-2.0.14-3.19.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): jasper-2.0.14-3.19.1 SUSE Enterprise Storage 6 (src): jasper-2.0.14-3.19.1 SUSE CaaS Platform 4.0 (src): jasper-2.0.14-3.19.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:0303-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1179748,1181483 CVE References: CVE-2020-27828,CVE-2021-3272 JIRA References: Sources used: openSUSE Leap 15.2 (src): jasper-2.0.14-lp152.7.6.1
Done, closing.
This is an autogenerated message for OBS integration: This bug (1179748) was mentioned in https://build.opensuse.org/request/show/1121278 Factory / jasper