Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Denial of Service in libjpeg-turbo
Aktuelle Meldungen Distributionen
Name: Denial of Service in libjpeg-turbo
ID: FEDORA-2015-2580
Distribution: Fedora
Plattformen: Fedora 20
Datum: Fr, 6. März 2015, 08:44
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092

Originalnachricht

Name        : libjpeg-turbo
Product : Fedora 20
Version : 1.3.1
Release : 3.fc20
URL : http://sourceforge.net/projects/libjpeg-turbo
Summary : A MMX/SSE2 accelerated library for manipulating JPEG image files
Description :
The libjpeg-turbo package contains a library of functions for manipulating JPEG
images.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2014-9092
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Feb 25 2015 Petr Hracek <phracek@redhat.com> - 1.3.1-3
- CVE-2014-9092 libjpeg-turbo: denial of service via speciallu crafted JPEG
file
(#1169845)
* Thu Apr 17 2014 Simone Caronni <negativo17@gmail.com> - 1.3.1-2
- Re-add libjpeg-devel requirements for broken packages since Fedora 13.
* Wed Apr 16 2014 Petr Hracek <phracek@redhat.com> - 1.3.1-1
- New upstream version
- Remove upstreamed patches, add missing jpegint.h
- Clean up SPEC file
- Disable --static subpackage
- Remove libjpeg obsolency, removed in Fedora 13
* Thu Dec 19 2013 Petr Hracek <phracek@redhat.com> - 1.3.0-2
- Apply fixes CVE-2013-6629, CVE-2013-6630 (#20131737)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1169845 - CVE-2014-9092 libjpeg-turbo: denial of service via
specially-crafted JPEG file
https://bugzilla.redhat.com/show_bug.cgi?id=1169845
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update libjpeg-turbo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung