[arch-general] JasPer vulnerabilities

Harrison Wells hgwells260 at gmail.com
Mon Mar 7 09:55:06 UTC 2016

Is the package JasPer in extra repo vulnerable to CVE-2016-1577,
CVE-2016-2089 and CVE-2016-2116? I noticed that the version number of
JasPer is same in Debian, Ubuntu and Arch, i.e. 1.900.1. Debian and Ubuntu
seem to have updated/patched it, is Arch not vulnerable to it?

With regards,

Harrison Wells

More information about the arch-general mailing list