Advisories » MGASA-2014-0544

Updated libjpeg packages fix security vulnerability

Publication date: 23 Dec 2014
Modification date: 23 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9092

Description

Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack
smashing (CVE-2014-9092).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14810
• http://lists.opensuse.org/opensuse-updates/2014-12/msg00055.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092

SRPMS

4/core

• libjpeg-1.3.0-3.1.mga4