Package(s):	jpeg libjpeg	CVE #(s):
Created:	June 12, 2006	Updated:	June 14, 2006
Description:	Tavis Ormandy of the Gentoo Linux Auditing Team discovered that the vulnerable JPEG library ebuilds compile JPEG without the --maxmem feature which is not recommended. By enticing a user to load a specially crafted JPEG image file an attacker could cause a denial of service, due to memory exhaustion.
Alerts:	Gentoo 200606-11 jpeg 2006-06-11

---

to post comments