Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

Scientific Linux 6.x SLSA-2013:1803-1 Moderate: libjpeg-turbo Image Issue

Scientific Large Esm H446
Moderate: libjpeg-turbo security update
Date: Tue, 10 Dec 2013 15:53:14 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: libjpeg-turbo on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: libjpeg-turbo security update
Advisory ID: SLSA-2013:1803-1
Issue Date: 2013-12-10
CVE Numbers: CVE-2013-6629
 CVE-2013-6630
--

An uninitialized memory read issue was found in the way libjpeg-turbo
decoded images with missing Start Of Scan (SOS) JPEG markers or Define
Huffman Table (DHT) JPEG markers. A remote attacker could create a
specially crafted JPEG image that, when decoded, could possibly lead to a
disclosure of potentially sensitive information. (CVE-2013-6629,
CVE-2013-6630)
--

SL6
 x86_64
 libjpeg-turbo-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-1.2.1-3.el6_5.x86_64.rpm
 libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-debuginfo-1.2.1-3.el6_5.x86_64.rpm
 libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-devel-1.2.1-3.el6_5.x86_64.rpm
 libjpeg-turbo-static-1.2.1-3.el6_5.x86_64.rpm
 i386
 libjpeg-turbo-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm
 libjpeg-turbo-static-1.2.1-3.el6_5.i686.rpm

- Scientific Linux Development Team