An update for jasper is now available for HCE 1.1

HCE1-SA-2023-0026 An update for jasper is now available for HCE 1.1 Important HCE 1.1 Security Fix(es): A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened. (CVE-2021-3467) Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image. (CVE-2017-6852) The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. (CVE-2016-9398) A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened. (CVE-2021-3443) HCE 1.1 jasper-libs-1.900.1-35.hce1c.x86_64.rpm