[ubuntu/disco-updates] libjpeg-turbo 2.0.1-0ubuntu2.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Nov 13 14:58:12 UTC 2019

libjpeg-turbo (2.0.1-0ubuntu2.2) disco-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2018-19664.patch: avoid
      quantization w/ non-RGB CS in wrbmp.c.
    - CVE-2018-19664
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2018-20330.patch: fix int
      overflow and segfault w/ big BMP in
    - CVE-2018-20330
  * SECURITY UPDATE: Several integer overflow and subsequent
    - debian/patches/CVE-2019-2201.patch: properly handled
      gigapixel images in java/TJBench.java, tjbench.c,
      tjunittest.c, turbojpeg.c.
    - CVE-2019-2201

Date: 2019-11-12 14:54:14.854601+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list