Nom du paquet
libjpeg
Date
2013-11-21
Advisory ID
MDVSA-2013:273
Affected versions
MBS1 x86_64

Problem description

Updated libjpeg packages fix security vulnerabilities:

libjpeg 6b and libjpeg-turbo will use uninitialized memory when
decoding images with missing SOS data for the luminance component
(Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629).

libjpeg-turbo will use uninitialized memory when handling Huffman
tables (CVE-2013-6630).

Updated packages

MBS1 x86_64

 4b3246c5236cce36539c5a3f3383e141  mbs1/x86_64/jpeg-progs-1.2.0-5.2.mbs1.x86_64.rpm
 e903e2d84d5975c84feb30bf61e9fc27  mbs1/x86_64/lib64jpeg62-1.2.0-5.2.mbs1.x86_64.rpm
 ed2b02157825d772109fd321a4bd8da5  mbs1/x86_64/lib64jpeg8-1.2.0-5.2.mbs1.x86_64.rpm
 6257733e093dc32b01a6e9fe695f75c5  mbs1/x86_64/lib64jpeg-devel-1.2.0-5.2.mbs1.x86_64.rpm
 f5880a061f6ffe706c92619516cdb483  mbs1/x86_64/lib64jpeg-static-devel-1.2.0-5.2.mbs1.x86_64.rpm 
 e9d23e700d88863fa51623fa318e9203  mbs1/SRPMS/libjpeg-1.2.0-5.2.mbs1.src.rpm

References