UbuntuUpdates.org

Package "libjpeg-turbo8-dev"

Name: libjpeg-turbo8-dev

Description:

Development files for the IJG JPEG library

Latest version: 1.1.90+svn733-0ubuntu4.6
Release: precise (12.04)
Level: security
Repository: main
Head package: libjpeg-turbo
Homepage: http://libjpeg-turbo.virtualgl.org/

Links


Download "libjpeg-turbo8-dev"


Other versions of "libjpeg-turbo8-dev" in Precise

Repository Area Version
base main 1.1.90+svn733-0ubuntu4
updates main 1.1.90+svn733-0ubuntu4.6

Changelog

Version: 1.1.90+svn733-0ubuntu4.6 2021-05-03 14:07:21 UTC

  libjpeg-turbo (1.1.90+svn733-0ubuntu4.6) precise-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer over-read
    - debian/patches/CVE-2020-13790.patch: fix buf overrun caused
      by bad binary PPM in rdppm.c.
    - CVE-2020-13790

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Jun 2020 15:59:09 -0300

Source diff to previous version
CVE-2020-13790 libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

Version: 1.1.90+svn733-0ubuntu4.3 2013-12-19 20:06:32 UTC

  libjpeg-turbo (1.1.90+svn733-0ubuntu4.3) precise-security; urgency=low

  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_sos function (LP: #1252912)
    - debian/patches/CVE-2013-6629.patch: check for duplications in
      jdmarker.c.
    - CVE-2013-6629
  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_dht function (LP: #1252912)
    - debian/patches/CVE-2013-6630.patch: properly clear out memory in
      jdmarker.c.
    - CVE-2013-6630
  * This package does _not_ contain the changes from
    1.1.90+svn733-0ubuntu4.2 in precise-proposed.
 -- Marc Deslauriers <email address hidden> Fri, 22 Nov 2013 10:01:42 -0500

1252912 CVE-2013-6629, CVE-2013-6630
CVE-2013-6629 The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) ...
CVE-2013-6630 The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...



About   -   Send Feedback to @ubuntu_updates