|
|
Subscribe / Log in / New account

Mageia alert MGASA-2020-0267 (libjpeg)



From:
              Mageia Updates <buildsystem-daemon@mageia.org> 


To:
              updates-announce@ml.mageia.org 


Subject:
              [updates-announce] MGASA-2020-0267: Updated libjpeg packages fix security vulnerability 


Date:
              Fri, 19 Jun 2020 12:26:25 +0200


Message-ID:
              <20200619102625.17B149F736@duvel.mageia.org>


MGASA-2020-0267 - Updated libjpeg packages fix security vulnerability

Publication date: 19 Jun 2020
URL: https://advisories.mageia.org/MGASA-2020-0267.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-13790

Description:
Updated libjpeg packages fix security vulnerability:

libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row()
in rdppm.c via a malformed PPM input file (CVE-2020-13790).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26784
- https://usn.ubuntu.com/usn/usn-4386-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1...

SRPMS:
- 7/core/libjpeg-2.0.4-1.1.mga7
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds