Description
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11,
1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18,
1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25,
1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1,
2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11,
2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer
over-read of size 8 in the function jas_image_depalettize in
libjasper/base/jas_image.c.