Advisories » MGASA-2016-0224

Updated libjpeg packages fix security vulnerability

Publication date: 13 Jun 2016
Modification date: 13 Jun 2016
Type: security
Affected Mageia releases : 5

Description

Updated libjpeg packages fix security vulnerability:

Out-of-Bounds Read in libjpeg-turbo before 1.5.0 via unusually long
Blocks in MCU (LJT-01-005).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18677
• https://wiki.mozilla.org/images/7/77/Libjpeg-turbo-report.pdf
• https://docs.google.com/document/d/1uxETuTL7_tVgE8EB49RhxxHuCyDIbcsS9fHNimBixm4/edit

SRPMS

5/core

• libjpeg-1.3.1-4.1.mga5