-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : jasper Version : 1.900.1-debian1-2.4+deb8u6
The update of jasper issued as DLA-1628-1 caused a regression due to the fix for CVE-2018-19542, a NULL pointer dereference in the function jp2_decode, which could lead to a denial-of-service. In some cases not only invalid jp2 files but also valid jp2 files were rejected. For Debian 8 "Jessie", this problem has been fixed in version 1.900.1-debian1-2.4+deb8u6. We recommend that you upgrade your jasper packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyyVYRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTSSg/8DeFZqhC5gjHoP/7eC20HBa0HUqhAVFvSnaq7Wb3auNioTf3YS7TVufod 1UMFZ+ykS2BMXLI/HEh7YjD/dzb2t3Ji6ONHRcoYjw5Gpg6INnT19jI8VoCyZRGr Mys+GorCntdDrC6ZV/sfwtKnPA+ALl08r32ADbQ49N/CspRaqtWQPFAJ9KYbzXo1 oUFKo4S3eOlcM3CB+AA4AgXIeO3nWxcR4i6qFXvRO8g+z68ZCcSKwm8iKc1MuRaD SCZPEn1jlbNOvAmR2DDW7QUoT0GjHhME1kAoaWo9pJ/o2hrB5KkkHhdCXwsPFQ8w p5LOr0YkYx7peVsyu6Aed2Y/uzO7SH3XJf6dP272G0HbBaa4ei7ImtFHMIBrvoVX SVB2FxNZO6jrg4M7DU64zg1+mg4ptf/cbVw3QCZe14wuNjuTYN5oMAVYiT5+b8/X 0MtZPQJyNxWd2lq+eXGSAx2n7iYGj1TW6FERjHwiUkNRD1ehtd2fKaCLlWAJ0eOA z73W5uNjP5ftFDiL9V/AUfpg2tRHJ11uS4Z5UIEkVETK5WYSbfTpmr0oFMY2WLUA PBBH1R8KTNozvomMe+c78BbDxMGoEYJlHMG3NJh4hSFgwzE2vGU+80Y/mSAK795/ ZIPlKyXiPTV+e1m7qacMYK+/5xg/KMdj8E2GRgfsrynSXRWOEHI= =Ozle -----END PGP SIGNATURE-----
