Описание
Security update for libjxl
This update for libjxl fixes the following issues:
Update to release 0.8.2
- CVE-2023-35790: Fix an integer underflow bug in patch decoding. (bsc#1212492)
Список пакетов
SUSE Package Hub 15 SP5
libjxl-devel-0.8.2-bp155.2.3.1
libjxl-tools-0.8.2-bp155.2.3.1
libjxl0_8-0.8.2-bp155.2.3.1
libjxl0_8-64bit-0.8.2-bp155.2.3.1
openSUSE Leap 15.5
libjxl-devel-0.8.2-bp155.2.3.1
libjxl-tools-0.8.2-bp155.2.3.1
libjxl0_8-0.8.2-bp155.2.3.1
libjxl0_8-64bit-0.8.2-bp155.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2023:0161-1
- SUSE Security Ratings
- SUSE Bug 1212492
- SUSE CVE CVE-2023-35790 page
Описание
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.
Затронутые продукты
SUSE Package Hub 15 SP5:libjxl-devel-0.8.2-bp155.2.3.1
SUSE Package Hub 15 SP5:libjxl-tools-0.8.2-bp155.2.3.1
SUSE Package Hub 15 SP5:libjxl0_8-0.8.2-bp155.2.3.1
SUSE Package Hub 15 SP5:libjxl0_8-64bit-0.8.2-bp155.2.3.1
Ссылки
- CVE-2023-35790
- SUSE Bug 1212492