Updated jbigkit packages fix CVE-2013-6369Publication date: 15 Apr 2014
Affected Mageia releases : 3 , 4
Updated jbigkit packages fix security vulnerability: Florian Weimer found a stack-based buffer overflow flaw in the libjbig library (part of jbigkit). A specially-crafted image file read by libjbig could be used to cause a program linked to libjbig to crash or, potentially, to execute arbitrary code (CVE-2013-6369). The jbigkit package has been updated to version 2.1, which fixes this issue, as well as a few other bugs, including the ability of corrupted input data to force the jbig85 decoder into an end-less loop.