View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/jasper
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2018-07-05 14:53:33 UTC 2018-07-05
DSC file for 1.900.1-debian1-2.4ubuntu1.2

Author: Ubuntu Git Importer
Author Date: 2018-07-05 14:53:33 UTC

DSC file for 1.900.1-debian1-2.4ubuntu1.2

applied/ubuntu/trusty-security 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 5d03d9677770e4f49c3aa134c9718f3716d04498
Unapplied parent: 935776fd074010afc3f203bef5813ec72b137556

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

applied/ubuntu/trusty-updates 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 5d03d9677770e4f49c3aa134c9718f3716d04498
Unapplied parent: 935776fd074010afc3f203bef5813ec72b137556

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

applied/ubuntu/xenial-devel 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 158b3601bcf751e7267653ba80bcf7c74204d62c
Unapplied parent: 006750f44fab3b5aa17b5970d57128bedbb066e7

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

applied/ubuntu/xenial-security 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 158b3601bcf751e7267653ba80bcf7c74204d62c
Unapplied parent: 006750f44fab3b5aa17b5970d57128bedbb066e7

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

applied/ubuntu/xenial-updates 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu1.2 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 158b3601bcf751e7267653ba80bcf7c74204d62c
Unapplied parent: 006750f44fab3b5aa17b5970d57128bedbb066e7

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/xenial-devel 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenia...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9f327eb79e6d9d3075b5db12abc0fec9f131570e

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/xenial-security 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenia...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9f327eb79e6d9d3075b5db12abc0fec9f131570e

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/trusty-updates 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 63db9c9612c314aae2a9fa1278a8eafd23f809ab

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

applied/ubuntu/trusty-devel 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-applied version 1.900.1-14ubuntu3.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 5d03d9677770e4f49c3aa134c9718f3716d04498
Unapplied parent: 935776fd074010afc3f203bef5813ec72b137556

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/trusty-devel 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 63db9c9612c314aae2a9fa1278a8eafd23f809ab

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/xenial-updates 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenia...

Author: Marc Deslauriers
Author Date: 2018-06-27 11:48:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9f327eb79e6d9d3075b5db12abc0fec9f131570e

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

ubuntu/trusty-security 2018-06-27 17:28:28 UTC 2018-06-27
Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-27 15:04:48 UTC

Import patches-unapplied version 1.900.1-14ubuntu3.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 63db9c9612c314aae2a9fa1278a8eafd23f809ab

New changelog entries:
  * SECURITY UPDATE: double-free in jasper_image_stop_load
    - debian/patches/CVE-2015-5203-CVE-2016-9262.patch: fix overflow and
      double free in src/libjasper/base/jas_image.c,
      src/libjasper/include/jasper/jas_math.h.
      (Thanks to Red Hat for the patch!)
    - CVE-2015-5203
  * SECURITY UPDATE: use-after-free in mif_process_cmpt
    - debian/patches/CVE-2015-5221.patch: fix use-after-free in
      src/libjasper/mif/mif_cod.c.
    - CVE-2015-5221
  * SECURITY UPDATE: denial of service in jpc_tsfb_synthesize
    - debian/patches/CVE-2016-10248.patch: fix type promotion and prevent
      null pointer dereference in src/libjasper/include/jasper/jas_seq.h,
      src/libjasper/jpc/jpc_dec.c, src/libjasper/jpc/jpc_tsfb.c.
    - CVE-2016-10248
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-10250.patch: fix cleanup in
      src/libjasper/jp2/jp2_cod.c.
    - CVE-2016-10250
  * SECURITY UPDATE: denial of service in jpc_dec_tiledecode
    - debian/patches/CVE-2016-8883.patch: remove asserts in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-8883
  * SECURITY UPDATE: denial of service in jp2_colr_destroy
    - debian/patches/CVE-2016-8887.patch: don't destroy box that doesn't
      exist in src/libjasper/jp2/jp2_cod.c, src/libjasper/jp2/jp2_dec.c.
    - CVE-2016-8887
  * SECURITY UPDATE: integer overflow in jpc_dec_process_siz
    - debian/patches/CVE-2016-9387-1.patch: fix overflow in
      src/libjasper/jpc/jpc_dec.c.
    - debian/patches/CVE-2016-9387-2.patch: add more checks to
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2016-9387
  * SECURITY UPDATE: denial of service in ras_getcmap
    - debian/patches/CVE-2016-9388.patch: remove assertions in
      src/libjasper/ras/ras_dec.c, src/libjasper/ras/ras_enc.c.
    - CVE-2016-9388
  * SECURITY UPDATE: denial of service in jpc_irct and jpc_iict functions
    - debian/patches/CVE-2016-9389.patch: add check to
      src/libjasper/base/jas_image.c, src/libjasper/jpc/jpc_dec.c,
      src/libjasper/include/jasper/jas_image.h.
    - CVE-2016-9389
  * SECURITY UPDATE: denial of service in jas_seq2d_create
    - debian/patches/CVE-2016-9390.patch: check tiles in
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9390
  * SECURITY UPDATE: denial of service in jpc_bitstream_getbits
    - debian/patches/CVE-2016-9391.patch: add tests to
      src/libjasper/jpc/jpc_bs.c, src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9391
  * SECURITY UPDATE: multiple denial of service issues
    - debian/patches/CVE-2016-9392-3-4.patch: add more checks to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9392
    - CVE-2016-9393
    - CVE-2016-9394
  * SECURITY UPDATE: denial of service in JPC_NOMINALGAIN
    - debian/patches/CVE-2016-9396.patch: add check to
      src/libjasper/jpc/jpc_cs.c.
    - CVE-2016-9396
  * SECURITY UPDATE: denial of service via crafted image
    - debian/patches/CVE-2016-9600.patch: add more checks to
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2016-9600
  * SECURITY UPDATE: NULL pointer exception in jp2_encode
    - debian/patches/CVE-2017-1000050.patch: check number of components in
      src/libjasper/jp2/jp2_enc.c.
    - CVE-2017-1000050
  * SECURITY UPDATE: denial of service in jp2_cdef_destroy
    - debian/patches/CVE-2017-6850.patch: initialize data in
      src/libjasper/base/jas_stream.c, src/libjasper/jp2/jp2_cod.c.
    - CVE-2017-6850

importer/ubuntu/pristine-tar 2018-03-16 05:18:38 UTC 2018-03-16
pristine-tar data for jasper_1.900.1-debian1.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-16 05:18:38 UTC

pristine-tar data for jasper_1.900.1-debian1.orig.tar.gz

importer/debian/dsc 2018-03-16 05:09:05 UTC 2018-03-16
DSC file for 1.900.1-debian1-2.4+deb8u3

Author: Ubuntu Git Importer
Author Date: 2018-03-16 05:09:05 UTC

DSC file for 1.900.1-debian1-2.4+deb8u3

importer/debian/pristine-tar 2018-03-16 05:06:48 UTC 2018-03-16
pristine-tar data for jasper_1.900.1-debian1.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-16 05:06:48 UTC

pristine-tar data for jasper_1.900.1-debian1.orig.tar.gz

applied/debian/jessie 2017-05-07 04:54:32 UTC 2017-05-07
Import patches-applied version 1.900.1-debian1-2.4+deb8u3 to applied/debian/j...

Author: Moritz Mühlenhoff
Author Date: 2017-04-02 17:59:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u3 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 2c9970a7ab0505fd3dc50571ac2c7ab3561ea727
Unapplied parent: 7deff7780c77e81a427de2fe9133ee3c972be23d

New changelog entries:
  * CVE-2016-9591 CVE-2016-10249 CVE-2016-10251
  * CVE-2016-1867 CVE-2016-8654 CVE-2016-8691 CVE-2016-8692
    CVE-2016-8693 CVE-2016-8882 CVE-2016-9560

debian/jessie 2017-05-07 04:54:32 UTC 2017-05-07
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3 to debian/jessie

Author: Moritz Mühlenhoff
Author Date: 2017-04-02 17:59:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 19d052130f9069f7ff1c38f7e7ff72f544002279

New changelog entries:
  * CVE-2016-9591 CVE-2016-10249 CVE-2016-10251
  * CVE-2016-1867 CVE-2016-8654 CVE-2016-8691 CVE-2016-8692
    CVE-2016-8693 CVE-2016-8882 CVE-2016-9560

applied/ubuntu/yakkety-devel 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ap...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 2de67de17402a4da907f70a59bcbcbbe12bdc61d
Unapplied parent: 9a463e702bb4da57fbd2c6a1768ed5d1017dd29f

New changelog entries:
  * fake sync from Debian

applied/ubuntu/yakkety-security 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ap...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 2de67de17402a4da907f70a59bcbcbbe12bdc61d
Unapplied parent: 9a463e702bb4da57fbd2c6a1768ed5d1017dd29f

New changelog entries:
  * fake sync from Debian

ubuntu/yakkety-updates 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: f6ff8232a741355c690c15f61328e0a2fef8b0fb

New changelog entries:
  * fake sync from Debian

applied/ubuntu/yakkety-updates 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ap...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 2de67de17402a4da907f70a59bcbcbbe12bdc61d
Unapplied parent: 9a463e702bb4da57fbd2c6a1768ed5d1017dd29f

New changelog entries:
  * fake sync from Debian

ubuntu/yakkety-devel 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: f6ff8232a741355c690c15f61328e0a2fef8b0fb

New changelog entries:
  * fake sync from Debian

ubuntu/yakkety-security 2017-04-18 16:18:19 UTC 2017-04-18
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ...

Author: Tyler Hicks
Author Date: 2017-04-18 14:59:16 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u3build0.16.10.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: f6ff8232a741355c690c15f61328e0a2fef8b0fb

New changelog entries:
  * fake sync from Debian

debian/wheezy 2016-04-02 23:32:52 UTC 2016-04-02
Import patches-unapplied version 1.900.1-13+deb7u4 to debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 14:09:28 UTC

Import patches-unapplied version 1.900.1-13+deb7u4 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 5269d886165f665793baa912de7125916a17fe9c

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/debian/wheezy 2016-04-02 23:32:52 UTC 2016-04-02
Import patches-applied version 1.900.1-13+deb7u4 to applied/debian/wheezy

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 14:09:28 UTC

Import patches-applied version 1.900.1-13+deb7u4 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: d2e9740d92bc0113cc96f160e94e3c62844e0fca
Unapplied parent: f00c1f76e85fd4d56cb6c247dd4070d81d2b01d1

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

ubuntu/yakkety-proposed 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

ubuntu/devel 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/yakkety 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/debian/stretch 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/devel 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

ubuntu/yakkety 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/debian/sid 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

ubuntu/zesty 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/yakkety-proposed 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

debian/sid 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

ubuntu/zesty-devel 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/zesty-devel 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/zesty 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-applied version 1.900.1-debian1-2.4+deb8u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 32179767221d54b0334d80e6fcdac19050bea6ab

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

debian/stretch 2016-04-02 22:17:09 UTC 2016-04-02
Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2016-03-06 13:49:44 UTC

Import patches-unapplied version 1.900.1-debian1-2.4+deb8u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2016-1577: Prevent double-free in jas_iccattrval_destroy()
    (Closes: #816625)
  * CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
    (Closes: #812978)
  * CVE-2016-2116: Prevent jas_stream_t memory leak in
    jas_iccprof_createfrombuf() (Closes: #816626)

applied/ubuntu/xenial 2016-03-03 14:58:48 UTC 2016-03-03
Import patches-applied version 1.900.1-debian1-2.4ubuntu1 to applied/ubuntu/x...

Author: Tyler Hicks
Author Date: 2016-03-02 21:30:54 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu1 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 63ebf6615d71db05f04e55cd7c74d3505451d8e5

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/xenial-proposed 2016-03-03 14:58:48 UTC 2016-03-03
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1 to ubuntu/xenial-...

Author: Tyler Hicks
Author Date: 2016-03-02 21:30:54 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/xenial-proposed 2016-03-03 14:58:48 UTC 2016-03-03
Import patches-applied version 1.900.1-debian1-2.4ubuntu1 to applied/ubuntu/x...

Author: Tyler Hicks
Author Date: 2016-03-02 21:30:54 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu1 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 63ebf6615d71db05f04e55cd7c74d3505451d8e5

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/xenial 2016-03-03 14:58:48 UTC 2016-03-03
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1 to ubuntu/xenial-...

Author: Tyler Hicks
Author Date: 2016-03-02 21:30:54 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/wily-updates 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/wily-devel 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/precise-updates 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 798865b181cb04e5969f74ffeeb0541c41d9d412

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/precise-security 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 798865b181cb04e5969f74ffeeb0541c41d9d412

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/precise-devel 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-13ubuntu0.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 798865b181cb04e5969f74ffeeb0541c41d9d412

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/wily-updates 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 28b43dd3dc7696f6e312a253d5f5e84012510bf1

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/wily-security 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 28b43dd3dc7696f6e312a253d5f5e84012510bf1

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/wily-devel 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 066897723810fa1baab8dc1563c8d35a4d0e83c6
Unapplied parent: 28b43dd3dc7696f6e312a253d5f5e84012510bf1

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/precise-devel 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: ef0b6e41f2844e17cb0d01a17d9f9407c149aadf
Unapplied parent: caec7ebc603ee994f80f4f8bbc3cfc5f563597e4

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/precise-security 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: ef0b6e41f2844e17cb0d01a17d9f9407c149aadf
Unapplied parent: caec7ebc603ee994f80f4f8bbc3cfc5f563597e4

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/precise-updates 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-applied version 1.900.1-13ubuntu0.3 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: ef0b6e41f2844e17cb0d01a17d9f9407c149aadf
Unapplied parent: caec7ebc603ee994f80f4f8bbc3cfc5f563597e4

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

ubuntu/wily-security 2016-03-03 14:18:47 UTC 2016-03-03
Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu...

Author: Tyler Hicks
Author Date: 2016-02-26 06:07:11 UTC

Import patches-unapplied version 1.900.1-debian1-2.4ubuntu0.15.10.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: fe9f6f6486639c502f0af1fc3572b31882756406

New changelog entries:
  * SECURITY UPDATE: Denial of service or possible code execution via crafted
    ICC color profile (LP: #1547865)
    - debian/patches/09-CVE-2016-1577.patch: Prevent double-free in
      src/libjasper/base/jas_icc.c
    - CVE-2016-1577
  * SECURITY UPDATE: Denial of service via resource exhaustion via crafted ICC
    color profile
    - debian/patches/10-CVE-2016-2116.patch: Prevent memory leak in
      src/libjasper/base/jas_icc.c
    - CVE-2016-2116

applied/ubuntu/vivid-devel 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e96be21e5ee33713e382f46293bc6e6f3b06b808
Unapplied parent: d23d7cce7c0d98091b088f7ab9a743bea78e84d6

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

ubuntu/vivid 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 76749eeb5205cc350ece34e3da6940359671845c

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

ubuntu/vivid-devel 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 76749eeb5205cc350ece34e3da6940359671845c

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

ubuntu/vivid-proposed 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 76749eeb5205cc350ece34e3da6940359671845c

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

applied/ubuntu/vivid 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e96be21e5ee33713e382f46293bc6e6f3b06b808
Unapplied parent: d23d7cce7c0d98091b088f7ab9a743bea78e84d6

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

ubuntu/wily 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-unapplied version 1.900.1-debian1-2.4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 76749eeb5205cc350ece34e3da6940359671845c

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

applied/ubuntu/vivid-proposed 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e96be21e5ee33713e382f46293bc6e6f3b06b808
Unapplied parent: d23d7cce7c0d98091b088f7ab9a743bea78e84d6

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

applied/ubuntu/wily 2015-01-27 22:16:06 UTC 2015-01-27
Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Author: Salvatore Bonaccorso
Author Date: 2015-01-22 16:09:24 UTC

Import patches-applied version 1.900.1-debian1-2.4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e96be21e5ee33713e382f46293bc6e6f3b06b808
Unapplied parent: d23d7cce7c0d98091b088f7ab9a743bea78e84d6

New changelog entries:
  * Non-maintainer upload.
  * Add 07-CVE-2014-8157.patch patch.
    CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot().
    (Closes: #775970)
  * Add 08-CVE-2014-8158.patch patch.
    CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970)

ubuntu/utopic-devel 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 8e97af51ef91f59c7539948e82f07b8179fa0c17

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

applied/ubuntu/utopic-devel 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/u...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: efde7307097b2309a2aa83e45630bf36b41c1dc0
Unapplied parent: 15cf1f38e1df2fc43d1b01b5e0ee88c30f67edd7

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

applied/ubuntu/utopic-security 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/u...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: efde7307097b2309a2aa83e45630bf36b41c1dc0
Unapplied parent: 15cf1f38e1df2fc43d1b01b5e0ee88c30f67edd7

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

applied/ubuntu/utopic-updates 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/u...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-applied version 1.900.1-debian1-2ubuntu0.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: efde7307097b2309a2aa83e45630bf36b41c1dc0
Unapplied parent: 15cf1f38e1df2fc43d1b01b5e0ee88c30f67edd7

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

ubuntu/utopic-security 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 8e97af51ef91f59c7539948e82f07b8179fa0c17

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

ubuntu/utopic-updates 2015-01-26 13:03:32 UTC 2015-01-26
Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-...

Author: Marc Deslauriers
Author Date: 2015-01-22 17:49:54 UTC

Import patches-unapplied version 1.900.1-debian1-2ubuntu0.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 8e97af51ef91f59c7539948e82f07b8179fa0c17

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/05-CVE-2014-8137.patch: prevent double-free in
      src/libjasper/base/jas_icc.c, remove assert in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/06-CVE-2014-8138.patch: validate channel number in
      src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/07-CVE-2014-8157.patch: fix off-by-one in
      src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/08-CVE-2014-8158.patch: remove HAVE_VLA to use more
      sensible buffer sizes in src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

ubuntu/utopic 2014-05-18 22:14:27 UTC 2014-05-18
Import patches-unapplied version 1.900.1-debian1-2 to debian/sid

Author: Roland Stigge
Author Date: 2014-05-18 17:46:12 UTC

Import patches-unapplied version 1.900.1-debian1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 398f1d0a119bd102727a27c4e85faeddfcfce2d0

New changelog entries:
  * debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
    to fix build issue on new architectures (Closes: #747507)

applied/ubuntu/utopic 2014-05-18 22:14:27 UTC 2014-05-18
Import patches-applied version 1.900.1-debian1-2 to applied/debian/sid

Author: Roland Stigge
Author Date: 2014-05-18 17:46:12 UTC

Import patches-applied version 1.900.1-debian1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: a26334158004d34bfa1d9519b3461cb2c7b0976e
Unapplied parent: c55538aa1bd3bf043c46f29ce79550a29d720fbb

New changelog entries:
  * debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
    to fix build issue on new architectures (Closes: #747507)

applied/ubuntu/utopic-proposed 2014-05-18 22:14:27 UTC 2014-05-18
Import patches-applied version 1.900.1-debian1-2 to applied/debian/sid

Author: Roland Stigge
Author Date: 2014-05-18 17:46:12 UTC

Import patches-applied version 1.900.1-debian1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: a26334158004d34bfa1d9519b3461cb2c7b0976e
Unapplied parent: c55538aa1bd3bf043c46f29ce79550a29d720fbb

New changelog entries:
  * debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
    to fix build issue on new architectures (Closes: #747507)

ubuntu/utopic-proposed 2014-05-18 22:14:27 UTC 2014-05-18
Import patches-unapplied version 1.900.1-debian1-2 to debian/sid

Author: Roland Stigge
Author Date: 2014-05-18 17:46:12 UTC

Import patches-unapplied version 1.900.1-debian1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 398f1d0a119bd102727a27c4e85faeddfcfce2d0

New changelog entries:
  * debian/rules: Changed from dh $@ --with autotools_dev to autoreconf
    to fix build issue on new architectures (Closes: #747507)

applied/ubuntu/trusty 2013-12-06 15:08:14 UTC 2013-12-06
Import patches-applied version 1.900.1-14ubuntu3 to applied/ubuntu/trusty-pro...

Author: Matthias Klose
Author Date: 2013-12-06 14:37:06 UTC

Import patches-applied version 1.900.1-14ubuntu3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 8873af614f5b0a3095250f75a21530af81145c8a
Unapplied parent: 7ec004db9e657997434d2102b5169705a578d867

New changelog entries:
  * Build using dh-autoreconf.

ubuntu/trusty 2013-12-06 15:08:14 UTC 2013-12-06
Import patches-unapplied version 1.900.1-14ubuntu3 to ubuntu/trusty-proposed

Author: Matthias Klose
Author Date: 2013-12-06 14:37:06 UTC

Import patches-unapplied version 1.900.1-14ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: f450e04328ee0d81de4f4559e6139db69b1cb46c

New changelog entries:
  * Build using dh-autoreconf.

ubuntu/trusty-proposed 2013-12-06 15:08:14 UTC 2013-12-06
Import patches-unapplied version 1.900.1-14ubuntu3 to ubuntu/trusty-proposed

Author: Matthias Klose
Author Date: 2013-12-06 14:37:06 UTC

Import patches-unapplied version 1.900.1-14ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: f450e04328ee0d81de4f4559e6139db69b1cb46c

New changelog entries:
  * Build using dh-autoreconf.

applied/ubuntu/trusty-proposed 2013-12-06 15:08:14 UTC 2013-12-06
Import patches-applied version 1.900.1-14ubuntu3 to applied/ubuntu/trusty-pro...

Author: Matthias Klose
Author Date: 2013-12-06 14:37:06 UTC

Import patches-applied version 1.900.1-14ubuntu3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 8873af614f5b0a3095250f75a21530af81145c8a
Unapplied parent: 7ec004db9e657997434d2102b5169705a578d867

New changelog entries:
  * Build using dh-autoreconf.

ubuntu/raring 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-unapplied version 1.900.1-14 to debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-unapplied version 1.900.1-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

applied/ubuntu/saucy-devel 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-applied version 1.900.1-14 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-applied version 1.900.1-14 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 49c24f132948f7e92c5f93d4b7779b6d88e6ec46

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

applied/ubuntu/raring-proposed 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-applied version 1.900.1-14 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-applied version 1.900.1-14 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 49c24f132948f7e92c5f93d4b7779b6d88e6ec46

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

applied/ubuntu/raring-devel 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-applied version 1.900.1-14 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-applied version 1.900.1-14 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 49c24f132948f7e92c5f93d4b7779b6d88e6ec46

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

ubuntu/saucy 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-unapplied version 1.900.1-14 to debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-unapplied version 1.900.1-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

ubuntu/raring-proposed 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-unapplied version 1.900.1-14 to debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-unapplied version 1.900.1-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

ubuntu/raring-devel 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-unapplied version 1.900.1-14 to debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-unapplied version 1.900.1-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

ubuntu/saucy-devel 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-unapplied version 1.900.1-14 to debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-unapplied version 1.900.1-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

applied/ubuntu/saucy 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-applied version 1.900.1-14 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-applied version 1.900.1-14 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 49c24f132948f7e92c5f93d4b7779b6d88e6ec46

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

applied/ubuntu/raring 2012-10-13 22:19:05 UTC 2012-10-13
Import patches-applied version 1.900.1-14 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-10-13 16:06:57 UTC

Import patches-applied version 1.900.1-14 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 49c24f132948f7e92c5f93d4b7779b6d88e6ec46

New changelog entries:
  * Fix FTBFS on Hurd by defining PATH_MAX (Closes: #690298)
    Thanks to Pino Toscano!

ubuntu/quantal 2012-10-04 12:16:23 UTC 2012-10-04
Import patches-unapplied version 1.900.1-13build1 to ubuntu/quantal

Author: Colin Watson
Author Date: 2012-10-04 08:17:45 UTC

Import patches-unapplied version 1.900.1-13build1 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Rebuild for new armel compiler default of ARMv5t.

ubuntu/quantal-devel 2012-10-04 12:16:23 UTC 2012-10-04
Import patches-unapplied version 1.900.1-13build1 to ubuntu/quantal

Author: Colin Watson
Author Date: 2012-10-04 08:17:45 UTC

Import patches-unapplied version 1.900.1-13build1 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 38dbea7d60ab9ce333da840ddd25aa9706ddd07e

New changelog entries:
  * Rebuild for new armel compiler default of ARMv5t.

applied/ubuntu/quantal-devel 2012-10-04 12:16:23 UTC 2012-10-04
Import patches-applied version 1.900.1-13build1 to applied/ubuntu/quantal

Author: Colin Watson
Author Date: 2012-10-04 08:17:45 UTC

Import patches-applied version 1.900.1-13build1 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 98082ca65fa19797eb49b35e1783ee12565cd2f7

New changelog entries:
  * Rebuild for new armel compiler default of ARMv5t.

applied/ubuntu/quantal 2012-10-04 12:16:23 UTC 2012-10-04
Import patches-applied version 1.900.1-13build1 to applied/ubuntu/quantal

Author: Colin Watson
Author Date: 2012-10-04 08:17:45 UTC

Import patches-applied version 1.900.1-13build1 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: e71cec755a008be7ca57ebd8d33c0a5d306b3cf3
Unapplied parent: 98082ca65fa19797eb49b35e1783ee12565cd2f7

New changelog entries:
  * Rebuild for new armel compiler default of ARMv5t.

applied/debian/lenny 2012-03-10 15:12:41 UTC 2012-03-10
Import patches-applied version 1.900.1-5.1+lenny2 to applied/debian/lenny

Author: Roland Stigge
Author Date: 2011-12-24 13:19:04 UTC

Import patches-applied version 1.900.1-5.1+lenny2 to applied/debian/lenny

Imported using git-ubuntu import.

Changelog parent: 32d01e29ef6aab420ddeb85ebbb74a87f395ab87
Unapplied parent: d02ffd829e62bd96d82f8099b115c358dc6d689a

New changelog entries:
  * Backported patch from #652649:
    - CVE-2011-4516: Heap-based buffer overflow
    - CVE-2011-4517: Heap-based buffer overflow

debian/lenny 2012-03-10 15:12:41 UTC 2012-03-10
Import patches-unapplied version 1.900.1-5.1+lenny2 to debian/lenny

Author: Roland Stigge
Author Date: 2011-12-24 13:19:04 UTC

Import patches-unapplied version 1.900.1-5.1+lenny2 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: bcb747d7a568f4e77ce5656e2bbd348b0a5778c4

New changelog entries:
  * Backported patch from #652649:
    - CVE-2011-4516: Heap-based buffer overflow
    - CVE-2011-4517: Heap-based buffer overflow

debian/squeeze 2012-01-28 15:22:09 UTC 2012-01-28
Import patches-unapplied version 1.900.1-7+squeeze1 to debian/squeeze

Author: Roland Stigge
Author Date: 2011-12-22 13:19:04 UTC

Import patches-unapplied version 1.900.1-7+squeeze1 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 9b89ff964efee5328b09fcbae8416a4fdb080a66

New changelog entries:
  * Backported patch from #652649:
    - CVE-2011-4516: Heap-based buffer overflow
    - CVE-2011-4517: Heap-based buffer overflow

applied/debian/squeeze 2012-01-28 15:22:09 UTC 2012-01-28
Import patches-applied version 1.900.1-7+squeeze1 to applied/debian/squeeze

Author: Roland Stigge
Author Date: 2011-12-22 13:19:04 UTC

Import patches-applied version 1.900.1-7+squeeze1 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: f9df21e8431b03e85dd57e938edd0e38b4f493ff
Unapplied parent: 69dc5207fc217e78faa54fe481ec8bd5fede2c36

New changelog entries:
  * Backported patch from #652649:
    - CVE-2011-4516: Heap-based buffer overflow
    - CVE-2011-4517: Heap-based buffer overflow

ubuntu/precise 2012-01-05 03:25:08 UTC 2012-01-05
Import patches-unapplied version 1.900.1-13 to debian/sid

Author: Roland Stigge
Author Date: 2012-01-04 18:14:40 UTC

Import patches-unapplied version 1.900.1-13 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 863edc733bb0c4c80d1b4bf5c0d64b2409701e69

New changelog entries:
  * Fix CVE-2011-4516 and CVE-2011-4517: Two buffer overflow issues possibly
    exploitable via specially crafted input files (Closes: #652649)
    Thanks to Red Hat and Michael Gilbert

applied/ubuntu/precise 2012-01-05 03:25:08 UTC 2012-01-05
Import patches-applied version 1.900.1-13 to applied/debian/sid

Author: Roland Stigge
Author Date: 2012-01-04 18:14:40 UTC

Import patches-applied version 1.900.1-13 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 6247b382c2d876e50cec2df1b37ef09d5a90742f
Unapplied parent: ca022c54dc82f820ca79d653986ae110d45349cc

New changelog entries:
  * Fix CVE-2011-4516 and CVE-2011-4517: Two buffer overflow issues possibly
    exploitable via specially crafted input files (Closes: #652649)
    Thanks to Red Hat and Michael Gilbert

applied/ubuntu/natty-updates 2011-12-20 15:04:15 UTC 2011-12-20
Import patches-applied version 1.900.1-7ubuntu2.11.04.1 to applied/ubuntu/nat...

Author: Marc Deslauriers
Author Date: 2011-12-19 15:45:25 UTC

Import patches-applied version 1.900.1-7ubuntu2.11.04.1 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 19b88c61b443bd3ba52d142aba085f67d720f57d
Unapplied parent: 2b18880164edea54e918c768fac03ecd93a4b9f5

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - src/libjasper/jpc/jpc_cs.c: validate compparms->numrlvls and allocate
      proper size in src/libjasper/jpc/jpc_cs.c.
    - Thanks to Red Hat for the patch
    - CVE-2011-4516
    - CVE-2011-4517

applied/ubuntu/oneiric-updates 2011-12-20 15:04:15 UTC 2011-12-20
Import patches-applied version 1.900.1-7ubuntu2.11.10.1 to applied/ubuntu/one...

Author: Marc Deslauriers
Author Date: 2011-12-19 15:43:09 UTC

Import patches-applied version 1.900.1-7ubuntu2.11.10.1 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 19b88c61b443bd3ba52d142aba085f67d720f57d
Unapplied parent: 1a5ca14df62a33354a97cd832132c23bd0abe1d9

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - src/libjasper/jpc/jpc_cs.c: validate compparms->numrlvls and allocate
      proper size in src/libjasper/jpc/jpc_cs.c.
    - Thanks to Red Hat for the patch
    - CVE-2011-4516
    - CVE-2011-4517

1100 of 198 results

Other repositories

Name Last Modified
lp:ubuntu/+source/jasper 2018-07-05
11 of 1 result
You can't create new repositories for jasper in Ubuntu.