Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

openSUSE 15 SP5: 2023:0180-1 Moderate: Libjxl Integer Overflow Resolution

opensuse
Calendar Grey June 29, 2023
Dist Opensuse Esm H88
openSUSE Security Announcement: Resolution released for libjxl integer overflow vulnerability marked with moderate threat level.
An update that fixes one vulnerability is now available

Description

This update for libjxl fixes the following issues:

Update to release 0.8.2

* CVE-2023-35790: Fix an integer underflow bug in patch decoding.

(bsc#1212492)

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP5:

zypper in -t patch openSUSE-2023-161=1

Package List

- openSUSE Backports SLE-15-SP5 (aarch64 s390x x86_64):

libjxl-devel-0.8.2-bp155.2.3.1

libjxl-tools-0.8.2-bp155.2.3.1

libjxl0_8-0.8.2-bp155.2.3.1

- openSUSE Backports SLE-15-SP5 (aarch64_ilp32):

libjxl0_8-64bit-0.8.2-bp155.2.3.1

References

https://www.suse.com/security/cve/CVE-2023-35790.html

https://bugzilla.suse.com/1212492

Announcement ID: openSUSE-SU-2023:0161-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP5 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.