Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 10 Dec 2013 15:53:14 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Moderate: libjpeg-turbo on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: libjpeg-turbo security update Advisory ID: SLSA-2013:1803-1 Issue Date: 2013-12-10 CVE Numbers: CVE-2013-6629 CVE-2013-6630 -- An uninitialized memory read issue was found in the way libjpeg-turbo decoded images with missing Start Of Scan (SOS) JPEG markers or Define Huffman Table (DHT) JPEG markers. A remote attacker could create a specially crafted JPEG image that, when decoded, could possibly lead to a disclosure of potentially sensitive information. (CVE-2013-6629, CVE-2013-6630) -- SL6 x86_64 libjpeg-turbo-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-1.2.1-3.el6_5.x86_64.rpm libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-debuginfo-1.2.1-3.el6_5.x86_64.rpm libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-devel-1.2.1-3.el6_5.x86_64.rpm libjpeg-turbo-static-1.2.1-3.el6_5.x86_64.rpm i386 libjpeg-turbo-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm libjpeg-turbo-static-1.2.1-3.el6_5.i686.rpm - Scientific Linux Development Team