RHSA-2013:1803-01 -- Redhat libjpeg-turboID: oval:org.secpod.oval:def:501153 | Date: (C)2013-12-10 (M)2023-12-26 |
Class: PATCH | Family: unix |
The libjpeg-turbo package contains a library of functions for manipulating JPEG images. It also contains simple client programs for accessing the libjpeg functions. An uninitialized memory read issue was found in the way libjpeg-turbo decoded images with missing Start Of Scan JPEG markers or Define Huffman Table JPEG markers. A remote attacker could create a specially crafted JPEG image that, when decoded, could possibly lead to a disclosure of potentially sensitive information. All libjpeg-turbo users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Platform: |
Red Hat Enterprise Linux 6 |