Download
| Alert*
oval:org.secpod.oval:def:1801178
CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:1801180 CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:1801181 CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:1801182 CVE-2018-1152: libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. oval:org.secpod.oval:def:89002519 This update for jpeg fixes the following issues: * CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could lead to denial of service when processing images [bsc#1062937] * CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c, which allowed remote attacker ... oval:org.secpod.oval:def:89002097 This update for libjpeg-turbo fixes the following issues: Feature update: - Update from version 1.3.1 to version 1.5.2 . Security issue fixed: - CVE-2017-15232: Fix NULL pointer dereference in jdpostct.c and jquant1.c . oval:org.secpod.oval:def:51070 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:704151 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. |