JasPer is the library that deals with JPEG-2000 files in Linux systems, so it’s something that is used rather often. In fact, users might have noticed that these kinds of libraries are getting updated all the time.
“Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service,” reads the security notice.
This is just one of the two vulnerabilities found in the JasPer packages. For a more detailed description of the problem, you should check the entire security notification.
The flaws can be fixed if you upgrade your system to the latest libjasper1 package. To apply the patch, users will have to run the Update Manager application. In general, a standard system update will make all the necessary changes, and you won’t have to reboot the system.
Submitted by: Arnfried Walbrecht