SUSE-SU-2018:1825-1 -- SLES jpeg, libjpegID: oval:org.secpod.oval:def:89002519 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for jpeg fixes the following issues: * CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could lead to denial of service when processing images [bsc#1062937] * CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c, which allowed remote attackers to cause a denial-of-service via crafted JPG files due to a large loop [bsc#1096209] * CVE-2018-1152: Fixed a denial of service in start_input_bmp rdbmp.c caused by a divide by zero when processing a crafted BMP image [bsc#1098155]
Platform: |
SUSE Linux Enterprise Server 11 SP4 |