SUSE-SU-2019:1111-1 -- SLES libjpeg-turbo, libjpeg62, libturbojpeg0ID: oval:org.secpod.oval:def:89003434 | Date: (C)2021-02-27 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for libjpeg-turbo fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function which could allow to an attacker to cause denial of service . - CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c, which allowed remote attackers to cause a denial-of-service via crafted JPG files due to a large loop - CVE-2018-1152: Fixed a denial of service in start_input_bmp rdbmp.c caused by a divide by zero when processing a crafted BMP image
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
libjpeg-turbo |
libjpeg62 |
libturbojpeg0 |