Package "libjpeg-turbo"

Name: libjpeg-turbo


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Program for testing libjpeg-turbo
  • IJG JPEG compliant runtime library.

Latest version: 1.1.90+svn733-0ubuntu4.6
Release: precise (12.04)
Level: security
Repository: universe


Other versions of "libjpeg-turbo" in Precise

Repository Area Version
base universe 1.1.90+svn733-0ubuntu4
base main 1.1.90+svn733-0ubuntu4
security main 1.1.90+svn733-0ubuntu4.6
updates main 1.1.90+svn733-0ubuntu4.6
updates universe 1.1.90+svn733-0ubuntu4.6

Packages in group

Deleted packages are displayed in grey.


Version: 1.1.90+svn733-0ubuntu4.6 2021-05-03 14:07:24 UTC

  libjpeg-turbo (1.1.90+svn733-0ubuntu4.6) precise-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer over-read
    - debian/patches/CVE-2020-13790.patch: fix buf overrun caused
      by bad binary PPM in rdppm.c.
    - CVE-2020-13790

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Jun 2020 15:59:09 -0300

Source diff to previous version
CVE-2020-13790 libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

Version: 1.1.90+svn733-0ubuntu4.3 2013-12-19 20:06:25 UTC

  libjpeg-turbo (1.1.90+svn733-0ubuntu4.3) precise-security; urgency=low

  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_sos function (LP: #1252912)
    - debian/patches/CVE-2013-6629.patch: check for duplications in
    - CVE-2013-6629
  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_dht function (LP: #1252912)
    - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    - CVE-2013-6630
  * This package does _not_ contain the changes from
    1.1.90+svn733-0ubuntu4.2 in precise-proposed.
 -- Marc Deslauriers <email address hidden> Fri, 22 Nov 2013 10:01:42 -0500

1252912 CVE-2013-6629, CVE-2013-6630
CVE-2013-6629 The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) ...
CVE-2013-6630 The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...

About   -   Send Feedback to @ubuntu_updates