Bug 614026 (CVE-2017-5498) - <media-libs/jasper-2.0.14: Left shift of negative value in jas_fast32_asl() in jas_math.h
Summary: <media-libs/jasper-2.0.14: Left shift of negative value in jas_fast32_asl() i...
Status: RESOLVED FIXED
Alias: CVE-2017-5498
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://blogs.gentoo.org/ago/2017/01/...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-27 09:20 UTC by Agostino Sarubbo
Modified: 2018-05-15 14:59 UTC
CC List: 1 user

See Also:
Package list:
Runtime testing required: ---
Description Agostino Sarubbo gentoo-dev 2017-03-27 09:20:35 UTC
Details at $URL.


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2017-03-28 06:22:08 UTC
CVE ID: CVE-2017-5498
Summary: libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
Published: 2017-03-01T15:59:00.000Z
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-03 20:40:03 UTC
From https://bugzilla.suse.com/show_bug.cgi?id=1020353#c1:

> This issue should only show if jasper was compiled with `-fsanitize=undefined`.
> 
> When I run the reproducer against our SLE-12:Update codestream then `imginfo`
> runs into an assertion instead:
> 
>   jpc_dec.c:1829: jpc_dequantize: Assertion `absstepsize >= 0' failed.
> 
> I don't think this issue is very severe, since under most circumstances the
> undefined left shifts do the expected thing.
> 
> I found various upstream commits that deal with this:
> 
> 1) They disabled the undefined behaviour sanitizer via the preprocessor on this
> specific spot:
> 
> https://github.com/mdadams/jasper/commit/b032fe7fedd0b856bbe5bd7186fc1d22c03ade9f
> 
> 2) They added a runtime assertion that the undefined left shift does what they
> expect from it:
> 
> https://github.com/mdadams/jasper/commit/dc129830baf8cfe104454d3a6e426f55af51b1d3
> 
> 3) They replaced all bit shift operations by calls to their wrapper function:
> 
> https://github.com/mdadams/jasper/commit/b9be3d9f35fccb7811ff68bbd6a57156f0192427


@ Maintainer(s): Please bump to >=2.0.13!
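The shift helper the quoted SUSE comment describes, written here as an added example rather than JasPer's own code: the wrapper follows the idea of upstream fix 3 (route every shift through one helper that never shifts a negative signed value), and `shifts_agree` follows fix 2 (a runtime check that the shift yields the value the code expects). `safe_asl32`, `ref_asl32`, `from_u32` and `shifts_agree` are hypothetical names, not identifiers from the library.

```c
/* Added example, not JasPer's code. In C, `x << n` is undefined when x is
 * negative; the value most code expects (the two's-complement bit pattern)
 * is obtained by shifting the unsigned representation instead. */
#include <stdint.h>
#include <stdio.h>

/* Reinterpret a 32-bit unsigned pattern as two's-complement signed without
 * relying on the implementation-defined narrowing cast. */
static int32_t from_u32(uint32_t r)
{
    return r <= (uint32_t)INT32_MAX ? (int32_t)r : -(int32_t)(~r) - 1;
}

/* Hypothetical replacement for a jas_fast32_asl()-style shift. Shifts of 32
 * bits or more are also undefined in C, so they are pinned to 0 here. */
static int32_t safe_asl32(int32_t x, unsigned n)
{
    if (n >= 32)
        return 0;
    return from_u32((uint32_t)x << n);   /* unsigned shift wraps, never UB */
}

/* Reference value via multiplication in 64-bit arithmetic (no overflow for
 * n < 32), reduced modulo 2^32 exactly like the shift. */
static int32_t ref_asl32(int32_t x, unsigned n)
{
    if (n >= 32)
        return 0;
    int64_t p = (int64_t)x * ((int64_t)1 << n);
    return from_u32((uint32_t)(uint64_t)p);
}

/* The runtime check as a predicate: 1 if the wrapper agrees with the
 * multiplication reference for this input, 0 otherwise. */
static int shifts_agree(int32_t x, unsigned n)
{
    return safe_asl32(x, n) == ref_asl32(x, n);
}

int main(void)
{
    int32_t samples[] = { -5, -1, 3, INT32_MIN, INT32_MAX };   /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        for (unsigned n = 0; n < 32; n++)
            if (!shifts_agree(samples[i], n))
                printf("mismatch for x=%d n=%u\n", samples[i], n);
    return 0;
}
```

Compiling this with `-fsanitize=undefined` reports nothing, whereas a plain `x << n` with a negative `x` is exactly what the sanitizer flagged in the original report.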