Описание
Security update for libjpeg-turbo
This update for libjpeg-turbo fixes the following issues:
- CVE-2020-17541: Fixed a stack-based buffer overflow in the 'transform' component (bsc#1186764).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
libjpeg-turbo-1.5.3-lp152.8.6.1
libjpeg62-62.2.0-lp152.8.6.1
libjpeg62-32bit-62.2.0-lp152.8.6.1
libjpeg62-devel-62.2.0-lp152.8.6.1
libjpeg62-devel-32bit-62.2.0-lp152.8.6.1
libjpeg62-turbo-1.5.3-lp152.8.6.1
libjpeg8-8.1.2-lp152.8.6.1
libjpeg8-32bit-8.1.2-lp152.8.6.1
libjpeg8-devel-8.1.2-lp152.8.6.1
libjpeg8-devel-32bit-8.1.2-lp152.8.6.1
libturbojpeg0-8.1.2-lp152.8.6.1
libturbojpeg0-32bit-8.1.2-lp152.8.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0892-1
- SUSE Security Ratings
- SUSE Bug 1186764
- SUSE CVE CVE-2020-17541 page
Описание
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
Затронутые продукты
openSUSE Leap 15.2:libjpeg-turbo-1.5.3-lp152.8.6.1
openSUSE Leap 15.2:libjpeg62-32bit-62.2.0-lp152.8.6.1
openSUSE Leap 15.2:libjpeg62-62.2.0-lp152.8.6.1
openSUSE Leap 15.2:libjpeg62-devel-32bit-62.2.0-lp152.8.6.1
Ссылки
- CVE-2020-17541
- SUSE Bug 1186764