Mageia 2020-0267: libjpeg security update
Updated libjpeg packages fix security vulnerability: libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file (CVE-2020-137...
Summary
Updated libjpeg packages fix security vulnerability:
libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row()
in rdppm.c via a malformed PPM input file (CVE-2020-13790).
References
- https://bugs.mageia.org/show_bug.cgi?id=26784
- https://ubuntu.com/security/notices/USN-4386-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
Resolution
MGASA-2020-0267 - Updated libjpeg packages fix security vulnerability
SRPMS
- 7/core/libjpeg-2.0.4-1.1.mga7
Severity
Publication date: 19 Jun 2020
URL: https://advisories.mageia.org/MGASA-2020-0267.html
Type: security
CVE: CVE-2020-13790
