Package: libjasperreports-java Version: 6.3.1-1 Severity: important Tags: security
The recent update of jasperreports apparently fixed CVE-2017-5528 and CVE-2017-5529. There are still three CVE which are not addressed yet. The advisory for CVE-2017-5532 mentions that the solution is to upgrade to version 6.3.3 or 6.4.2. It is not clear to me whether the Debian package is actually affected by CVE-2017-5533 or CVE-2017-14941 due to lack of information. Markus
