FS#42922 - [libjpeg-turbo] stack buffer overflow (CVE-2014-9092)
Attached to Project:
Arch Linux
Opened by Remi Gacogne (rgacogne) - Thursday, 27 November 2014, 08:52 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 27 November 2014, 16:56 GMT
Opened by Remi Gacogne (rgacogne) - Thursday, 27 November 2014, 08:52 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 27 November 2014, 16:56 GMT
|
DetailsA stack-based buffer overflow (CVE-2014-9092) has been reported in libjpeg-turbo [1]. I am not sure whether upstream is planning on releasing a new version, but we might want to backport the corresponding fix [2]. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369 [2] http://sourceforge.net/p/libjpeg-turbo/code/1427/ |
This task depends upon
Closed by Gaetan Bisson (vesath)
Thursday, 27 November 2014, 16:56 GMT
Reason for closing: Fixed
Additional comments about closing: libjpeg-turbo-1.3.1-3 in [extra]
Thursday, 27 November 2014, 16:56 GMT
Reason for closing: Fixed
Additional comments about closing: libjpeg-turbo-1.3.1-3 in [extra]