Описание
Security update for libjpeg-turbo
This update for libjpeg-turbo to version 1.5.2 fixes the following issues:
- CVE-2017-15232: NULL pointer dereference in jdpostct.c and jquant1.c (boo#1062937)
This compatible version update contains the following improvements:
- Improved and updated upsampling support and sampling factors
- Memory handling correctness fixes
- Improved robustness when decoding images
This version is a dependency of Chromium 62.
Список пакетов
openSUSE Leap 42.2
libjpeg-turbo-1.5.2-38.1
libjpeg62-62.2.0-38.1
libjpeg62-32bit-62.2.0-38.1
libjpeg62-devel-62.2.0-38.1
libjpeg62-devel-32bit-62.2.0-38.1
libjpeg62-turbo-1.5.2-38.1
libjpeg8-8.1.2-38.1
libjpeg8-32bit-8.1.2-38.1
libjpeg8-devel-8.1.2-38.1
libjpeg8-devel-32bit-8.1.2-38.1
libturbojpeg0-8.1.2-38.1
libturbojpeg0-32bit-8.1.2-38.1
openSUSE Leap 42.3
libjpeg-turbo-1.5.2-38.1
libjpeg62-62.2.0-38.1
libjpeg62-32bit-62.2.0-38.1
libjpeg62-devel-62.2.0-38.1
libjpeg62-devel-32bit-62.2.0-38.1
libjpeg62-turbo-1.5.2-38.1
libjpeg8-8.1.2-38.1
libjpeg8-32bit-8.1.2-38.1
libjpeg8-devel-8.1.2-38.1
libjpeg8-devel-32bit-8.1.2-38.1
libturbojpeg0-8.1.2-38.1
libturbojpeg0-32bit-8.1.2-38.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2899-1
- SUSE Security Ratings
Описание
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
Затронутые продукты
openSUSE Leap 42.2:libjpeg-turbo-1.5.2-38.1
openSUSE Leap 42.2:libjpeg62-32bit-62.2.0-38.1
openSUSE Leap 42.2:libjpeg62-62.2.0-38.1
openSUSE Leap 42.2:libjpeg62-devel-32bit-62.2.0-38.1
Ссылки
- CVE-2017-15232
- SUSE Bug 1062937
- SUSE Bug 1149960