Ubuntu
libjpeg-turbo package

CVE-2013-6629, CVE-2013-6630

Bug #1252912 reported by Red Ink
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libjpeg-turbo (Ubuntu)
Fix Released
Undecided
Unassigned
Seth Arnold (seth-arnold)
information type: Private Security → Public Security
Changed in libjpeg-turbo (Ubuntu):
status: New → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libjpeg-turbo - 1.3.0-0ubuntu1.1

---------------
libjpeg-turbo (1.3.0-0ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_sos function (LP: #1252912)
    - debian/patches/CVE-2013-6629.patch: check for duplications in
      jdmarker.c.
    - CVE-2013-6629
  * SECURITY UPDATE: information disclosure via uninitialized memory in
    the get_dht function (LP: #1252912)
    - debian/patches/CVE-2013-6630.patch: properly clear out memory in
      jdmarker.c.
    - CVE-2013-6630
 -- Marc Deslauriers <email address hidden> Fri, 22 Nov 2013 09:57:17 -0500

Changed in libjpeg-turbo (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.