SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-2569

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-2569

Security update for libjpeg-turbo

Type: security

Severity: moderate

Issued: 2020-09-08

Description:

This update for libjpeg-turbo fixes the following issues:

- CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file (bsc#1172491).

References

CVE: CVE-2020-13790
Bugzilla: 1172491 VUL-1: CVE-2020-13790: libjpeg-turbo: heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file

Packages

libjpeg-turbo-1.5.3-5.15.7