[SECURITY] Fedora 20 Update: libjpeg-turbo-1.3.1-3.fc20
updates at fedoraproject.org
updates at fedoraproject.org
Fri Mar 6 07:01:05 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-2580
2015-02-26 02:33:29
--------------------------------------------------------------------------------
Name : libjpeg-turbo
Product : Fedora 20
Version : 1.3.1
Release : 3.fc20
URL : http://sourceforge.net/projects/libjpeg-turbo
Summary : A MMX/SSE2 accelerated library for manipulating JPEG image files
Description :
The libjpeg-turbo package contains a library of functions for manipulating JPEG
images.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2014-9092
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 25 2015 Petr Hracek <phracek at redhat.com> - 1.3.1-3
- CVE-2014-9092 libjpeg-turbo: denial of service via speciallu crafted JPEG file
(#1169845)
* Thu Apr 17 2014 Simone Caronni <negativo17 at gmail.com> - 1.3.1-2
- Re-add libjpeg-devel requirements for broken packages since Fedora 13.
* Wed Apr 16 2014 Petr Hracek <phracek at redhat.com> - 1.3.1-1
- New upstream version
- Remove upstreamed patches, add missing jpegint.h
- Clean up SPEC file
- Disable --static subpackage
- Remove libjpeg obsolency, removed in Fedora 13
* Thu Dec 19 2013 Petr Hracek <phracek at redhat.com> - 1.3.0-2
- Apply fixes CVE-2013-6629, CVE-2013-6630 (#20131737)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1169845 - CVE-2014-9092 libjpeg-turbo: denial of service via specially-crafted JPEG file
https://bugzilla.redhat.com/show_bug.cgi?id=1169845
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update libjpeg-turbo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list