[ubuntu/disco-updates] libjpeg-turbo 2.0.1-0ubuntu2.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Nov 13 14:58:12 UTC 2019
libjpeg-turbo (2.0.1-0ubuntu2.2) disco-security; urgency=medium
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2018-19664.patch: avoid
quantization w/ non-RGB CS in wrbmp.c.
- CVE-2018-19664
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2018-20330.patch: fix int
overflow and segfault w/ big BMP in
turbojpeg.c
- CVE-2018-20330
* SECURITY UPDATE: Several integer overflow and subsequent
segfaults
- debian/patches/CVE-2019-2201.patch: properly handled
gigapixel images in java/TJBench.java, tjbench.c,
tjunittest.c, turbojpeg.c.
- CVE-2019-2201
Date: 2019-11-12 14:54:14.854601+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libjpeg-turbo/2.0.1-0ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list