Download
| Alert*
oval:org.secpod.oval:def:1801180
CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:1801181 CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:1801182 CVE-2018-1152: libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. oval:org.secpod.oval:def:1801178 CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. oval:org.secpod.oval:def:89003434 This update for libjpeg-turbo fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function which could allow to an attacker to cause denial of service . - CVE-2018-11813: Fixed the end-of-file mishan ... oval:org.secpod.oval:def:89002519 This update for jpeg fixes the following issues: * CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could lead to denial of service when processing images [bsc#1062937] * CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c, which allowed remote attacker ... oval:org.secpod.oval:def:114769 The libjpeg-turbo package contains a library of functions for manipulating JPEG images. oval:org.secpod.oval:def:2000335 libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. oval:org.secpod.oval:def:51070 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:704151 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. |