You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa libjpeg

Sigurnosni nedostatak programskog paketa libjpeg

——————————————————————————–
Fedora Update Notification
FEDORA-2015-2580
2015-02-26 02:33:29
——————————————————————————–

Name : libjpeg-turbo
Product : Fedora 20
Version : 1.3.1
Release : 3.fc20
URL : http://sourceforge.net/projects/libjpeg-turbo
Summary : A MMX/SSE2 accelerated library for manipulating JPEG image files
Description :
The libjpeg-turbo package contains a library of functions for manipulating JPEG
images.

——————————————————————————–
Update Information:

Security fix for CVE-2014-9092
——————————————————————————–
ChangeLog:

* Wed Feb 25 2015 Petr Hracek <phracek@redhat.com> – 1.3.1-3
– CVE-2014-9092 libjpeg-turbo: denial of service via speciallu crafted JPEG file
(#1169845)
* Thu Apr 17 2014 Simone Caronni <negativo17@gmail.com> – 1.3.1-2
– Re-add libjpeg-devel requirements for broken packages since Fedora 13.
* Wed Apr 16 2014 Petr Hracek <phracek@redhat.com> – 1.3.1-1
– New upstream version
– Remove upstreamed patches, add missing jpegint.h
– Clean up SPEC file
– Disable –static subpackage
– Remove libjpeg obsolency, removed in Fedora 13
* Thu Dec 19 2013 Petr Hracek <phracek@redhat.com> – 1.3.0-2
– Apply fixes CVE-2013-6629, CVE-2013-6630 (#20131737)
——————————————————————————–
References:

[ 1 ] Bug #1169845 – CVE-2014-9092 libjpeg-turbo: denial of service via specially-crafted JPEG file
https://bugzilla.redhat.com/show_bug.cgi?id=1169845
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update libjpeg-turbo’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-2615
2015-02-26 02:34:47
——————————————————————————–

Name : libjpeg-turbo
Product : Fedora 21
Version : 1.3.1
Release : 5.fc21
URL : http://sourceforge.net/projects/libjpeg-turbo
Summary : A MMX/SSE2 accelerated library for manipulating JPEG image files
Description :
The libjpeg-turbo package contains a library of functions for manipulating JPEG
images.

——————————————————————————–
Update Information:

Security fix for CVE-2014-9092
——————————————————————————–
ChangeLog:

* Tue Feb 24 2015 Petr Hracek <phracek@redhat.com> – 1.3.1-5
– CVE-2014-9092 libjpeg-turbo: denial of service via speciallu crafted JPEG file (#1169845)
——————————————————————————–
References:

[ 1 ] Bug #1169845 – CVE-2014-9092 libjpeg-turbo: denial of service via specially-crafted JPEG file
https://bugzilla.redhat.com/show_bug.cgi?id=1169845
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update libjpeg-turbo’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa icu

Otkriveni su sigurnosni nedostaci u programskom paketu icu za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close