libjpeg-turbo (1.1.90+svn733-0ubuntu4.6) precise-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2020-13790.patch: fix buf overrun caused
by bad binary PPM in rdppm.c.
- CVE-2020-13790
libjpeg-turbo (1.1.90+svn733-0ubuntu4.5) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via JPEG file
- debian/patches/CVE-2014-9092.patch: adjust size in jchuff.c.
- CVE-2014-9092
* SECURITY UPDATE: denial of service via crafted file
- debian/patches/CVE-2016-3616.patch: check range of integer values in
PPM text file in cderror.h, rdppm.c.
- CVE-2016-3616
- CVE-2018-11213
- CVE-2018-11214
* SECURITY UPDATE: divide-by-zero via crafted file
- debian/patches/CVE-2018-11212.patch: check image size in rdtarga.c.
- CVE-2018-11212
* SECURITY UPDATE: division by zero via BMP image
- debian/patches/CVE-2018-1152.patch: add size check in rdbmp.c.
- CVE-2018-1152
Date: 2020-06-08 12:40:15.395092+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/libjpeg-turbo/1.1.90+svn733-0ubuntu4.6
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes