Public bug reported: Two ABI conformance issues for AArch64 have been fixed upstream in version 1.5.1:
https://github.com/libjpeg-turbo/libjpeg- turbo/commit/1120ff29a178ee666504f0067e7c079a6b792296 https://github.com/libjpeg-turbo/libjpeg- turbo/commit/cb88e5da8003afcdc443b787fdcb77285e5a8a02 The first one doesn't seem to have affected the Ubuntu builds, but the second one is present in package 1.4.2-0ubuntu3 for Xenial and I assume also in the 1.5.0 and 1.3.0 packages. Long story short, the manually implemented NEON routines stored data above the stack pointer, which is prohibited by the ABI. That data can get overwritten at any point, for example if a signal is delivered to the application, which then results in data corruption and/or crashes (the return address being one of the values stored above the stack pointer). ** Affects: libjpeg-turbo (Ubuntu) Importance: Undecided Status: New ** Tags: arm64 ** Tags added: arm64 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libjpeg-turbo in Ubuntu. https://bugs.launchpad.net/bugs/1669545 Title: Version 1.5.0 and older don't conform to the AArch64 ABI Status in libjpeg-turbo package in Ubuntu: New Bug description: Two ABI conformance issues for AArch64 have been fixed upstream in version 1.5.1: https://github.com/libjpeg-turbo/libjpeg- turbo/commit/1120ff29a178ee666504f0067e7c079a6b792296 https://github.com/libjpeg-turbo/libjpeg- turbo/commit/cb88e5da8003afcdc443b787fdcb77285e5a8a02 The first one doesn't seem to have affected the Ubuntu builds, but the second one is present in package 1.4.2-0ubuntu3 for Xenial and I assume also in the 1.5.0 and 1.3.0 packages. Long story short, the manually implemented NEON routines stored data above the stack pointer, which is prohibited by the ABI. That data can get overwritten at any point, for example if a signal is delivered to the application, which then results in data corruption and/or crashes (the return address being one of the values stored above the stack pointer). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1669545/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
