/[advisories]/24565.adv
ViewVC logotype

Contents of /24565.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8433 - (show annotations) (download)
Fri Apr 5 17:37:26 2019 UTC (2 months, 3 weeks ago) by tmb
File size: 778 byte(s)
MGASA-2019-0132: libjpeg-1.5.1-1.3.mga6
1 type: security
2 subject: Updated libjpeg packages fix security vulnerability
3 CVE:
4 - CVE-2018-14498
5 src:
6 6:
7 core:
8 - libjpeg-1.5.1-1.3.mga6
9 description: |
10 get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through
11 3.3.1 allows attackers to cause a denial of service (heap-based buffer
12 over-read and application crash) via a crafted 8-bit BMP in which one or
13 more of the color indices is out of range for the number of palette
14 entries. (CVE-2018-14498)
15 references:
16 - https://bugs.mageia.org/show_bug.cgi?id=24565
17 - http://lists.suse.com/pipermail/sle-security-updates/2019-March/005227.html
18 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/
19 ID: MGASA-2019-0132

  ViewVC Help
Powered by ViewVC 1.1.26