Parent Directory | Revision Log
MGASA-2019-0132: libjpeg-1.5.1-1.3.mga6
1 | davidwhodgins | 8418 | type: security |
2 | subject: Updated libjpeg packages fix security vulnerability | ||
3 | CVE: | ||
4 | - CVE-2018-14498 | ||
5 | src: | ||
6 | 6: | ||
7 | core: | ||
8 | - libjpeg-1.5.1-1.3.mga6 | ||
9 | description: | | ||
10 | get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through | ||
11 | 3.3.1 allows attackers to cause a denial of service (heap-based buffer | ||
12 | over-read and application crash) via a crafted 8-bit BMP in which one or | ||
13 | more of the color indices is out of range for the number of palette | ||
14 | entries. (CVE-2018-14498) | ||
15 | references: | ||
16 | - https://bugs.mageia.org/show_bug.cgi?id=24565 | ||
17 | - http://lists.suse.com/pipermail/sle-security-updates/2019-March/005227.html | ||
18 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/ | ||
19 | tmb | 8433 | ID: MGASA-2019-0132 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |