CLSA-2026-1778218633
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1778218633.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CLSA-2026-1778218633
- Upstream
- Published
- 2026-05-08T05:37:18Z
- Modified
- 2026-05-27T11:18:28.008891451Z
- Summary
- jasper: Fix of 3 CVEs
- Details
-
- Add Amazon Linux 2 ELS support (mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1)
- Import CVE-2020-27828 patch from amzn2 stock SRPM (out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch)
- Import CVE-2021-3443 patch from amzn2 stock SRPM (NULL pointer dereference in JP2 component reference handling)
- Import CVE-2021-3467 patch from amzn2 stock SRPM (NULL pointer dereference in CDEF box channel reference handling)
- References
Affected packages
TuxCare:OracleLinux:7 / jasper
Package
- Name
- jasper
- Purl
- pkg:rpm/tuxcare/jasper?distro=oraclelinux-7
TuxCare:OracleLinux:7 / jasper-devel
Package
- Name
- jasper-devel
- Purl
- pkg:rpm/tuxcare/jasper-devel?distro=oraclelinux-7
TuxCare:OracleLinux:7 / jasper-libs
Package
- Name
- jasper-libs
- Purl
- pkg:rpm/tuxcare/jasper-libs?distro=oraclelinux-7