Описание
Security update for libjpeg-turbo
This update for libjpeg-turbo fixes the following issues:
- CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file (bsc#1172491).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
libjpeg-turbo-1.5.3-lp152.8.3.1
libjpeg62-62.2.0-lp152.8.3.1
libjpeg62-32bit-62.2.0-lp152.8.3.1
libjpeg62-devel-62.2.0-lp152.8.3.1
libjpeg62-devel-32bit-62.2.0-lp152.8.3.1
libjpeg62-turbo-1.5.3-lp152.8.3.1
libjpeg8-8.1.2-lp152.8.3.1
libjpeg8-32bit-8.1.2-lp152.8.3.1
libjpeg8-devel-8.1.2-lp152.8.3.1
libjpeg8-devel-32bit-8.1.2-lp152.8.3.1
libturbojpeg0-8.1.2-lp152.8.3.1
libturbojpeg0-32bit-8.1.2-lp152.8.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1458-1
- SUSE Security Ratings
- SUSE Bug 1172491
- SUSE CVE CVE-2020-13790 page
Описание
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
Затронутые продукты
openSUSE Leap 15.2:libjpeg-turbo-1.5.3-lp152.8.3.1
openSUSE Leap 15.2:libjpeg62-32bit-62.2.0-lp152.8.3.1
openSUSE Leap 15.2:libjpeg62-62.2.0-lp152.8.3.1
openSUSE Leap 15.2:libjpeg62-devel-32bit-62.2.0-lp152.8.3.1
Ссылки
- CVE-2020-13790
- SUSE Bug 1172491