[ubuntu/disco-security] libjpeg-turbo 2.0.1-0ubuntu2.2 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Nov 13 14:41:49 UTC 2019
libjpeg-turbo (2.0.1-0ubuntu2.2) disco-security; urgency=medium
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2018-19664.patch: avoid
quantization w/ non-RGB CS in wrbmp.c.
- CVE-2018-19664
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2018-20330.patch: fix int
overflow and segfault w/ big BMP in
turbojpeg.c
- CVE-2018-20330
* SECURITY UPDATE: Several integer overflow and subsequent
segfaults
- debian/patches/CVE-2019-2201.patch: properly handled
gigapixel images in java/TJBench.java, tjbench.c,
tjunittest.c, turbojpeg.c.
- CVE-2019-2201
Date: 2019-11-12 14:54:14.854601+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/libjpeg-turbo/2.0.1-0ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list