CVE-2016-8881

Publication date 13 January 2017

Last updated 4 August 2025

Ubuntu priority

Description

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ghostscript	17.04 zesty	Not affected
	16.10 yakkety	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not affected
jasper	17.04 zesty	Not in release
	16.10 yakkety	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not affected
netpbm-free	17.04 zesty	Not affected
	16.10 yakkety	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
	12.04 LTS precise	Not affected

Notes

jdstrand

netpbm-free in Debian/Ubuntu is a fork of netpbm and does not contain jasper

sbeattie

reproducer available in bug report rejected, duplicate of CVE-2011-4517, see https://github.com/mdadams/jasper/issues/29#issuecomment-267322934

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
jasper	Upstream: 0d22460