| Revision Date: | 2019-04-30 | Version: | 1 |
| Title: | Security update for libjpeg-turbo (Moderate) |
| Description: |
This update for libjpeg-turbo fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function which could allow to an attacker to cause denial of service (bsc#1128712). - CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c, which allowed remote attackers to cause a denial-of-service via crafted JPG files due to a large loop (bsc#1096209) - CVE-2018-1152: Fixed a denial of service in start_input_bmp() rdbmp.c caused by a divide by zero when processing a crafted BMP image (bsc#1098155)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1096209
1098155
1128712
CVE-2018-1152
CVE-2018-11813
CVE-2018-14498
SUSE-SU-2019:1111-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP3
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information
libjpeg-turbo-1.5.3-31.14.2 is installed
OR libjpeg62-62.2.0-31.14.2 is installed
OR libjpeg62-32bit-62.2.0-31.14.2 is installed
OR libjpeg62-turbo-1.5.3-31.14.2 is installed
OR libjpeg8-8.1.2-31.14.2 is installed
OR libjpeg8-32bit-8.1.2-31.14.2 is installed
OR libturbojpeg0-8.1.2-31.14.2 is installed
|