openSUSE-SU-2021:1958-1

Опубликовано: 10 июл. 2021

Источник: suse-cvrf

Описание

Security update for libjpeg-turbo

This update for libjpeg-turbo fixes the following issues:

CVE-2020-17541: Fixed a stack-based buffer overflow in the 'transform' component (bsc#1186764).

Список пакетов

openSUSE Leap 15.3

libjpeg-turbo-1.5.3-5.18.1

libjpeg62-62.2.0-5.18.1

libjpeg62-32bit-62.2.0-5.18.1

libjpeg62-devel-62.2.0-5.18.1

libjpeg62-devel-32bit-62.2.0-5.18.1

libjpeg62-turbo-1.5.3-5.18.1

libjpeg8-8.1.2-5.18.1

libjpeg8-32bit-8.1.2-5.18.1

libjpeg8-devel-8.1.2-5.18.1

libjpeg8-devel-32bit-8.1.2-5.18.1

libturbojpeg0-8.1.2-5.18.1

libturbojpeg0-32bit-8.1.2-5.18.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JEVT5FS4C2453YNMGNJH5GEW4YPAD5DS/
E-Mail link for openSUSE-SU-2021:1958-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1186764
SUSE Bug 1186764
https://www.suse.com/security/cve/CVE-2020-17541/
SUSE CVE CVE-2020-17541 page

Описание

Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.

Затронутые продукты

openSUSE Leap 15.3:libjpeg-turbo-1.5.3-5.18.1

openSUSE Leap 15.3:libjpeg62-32bit-62.2.0-5.18.1

openSUSE Leap 15.3:libjpeg62-62.2.0-5.18.1

openSUSE Leap 15.3:libjpeg62-devel-32bit-62.2.0-5.18.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-17541.html
CVE-2020-17541
https://bugzilla.suse.com/1186764
SUSE Bug 1186764

openSUSE-SU-2021:1958-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2020-17541

Описание

Затронутые продукты

Ссылки