Debian Security Advisory
DLA-1638-1 libjpeg-turbo -- LTS security update
- Date Reported:
- 22 Jan 2019
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-3616, CVE-2018-1152, CVE-2018-11212, CVE-2018-11213, CVE-2018-11214.
- More information:
Several vulnerabilities have been resolved in libjpeg-turbo, Debian's default JPEG implemenation.
The cjpeg utility in libjpeg allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
libjpeg-turbo has been found vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. The issue has been resolved by a boundary check.
The alloc_sarray function in jmemmgr.c allowed remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
The issue has been addressed by checking the image size when reading a targa file and throwing an error when image width or height is 0.
- CVE-2018-11213 /
The get_text_gray_row and get_text_rgb_row functions in rdppm.c both allowed remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
By checking the range of integer values in PPM text files and adding checks to ensure values are within the specified range, both issues
For Debian 8
Jessie, these problems have been fixed in version 1:1.3.1-12+deb8u1.
We recommend that you upgrade your libjpeg-turbo packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS