Package : libjpeg-turbo Version : 1:1.3.1-12+deb8u2 CVE ID : CVE-2018-14498 Debian Bug : #924678
It was discovered that there was a denial of service vulnerability in the libjpeg-turbo CPU-optimised JPEG image library. A heap-based buffer over-read could be triggered by a specially-crafted bitmap (BMP) file.
For Debian 8 "Jessie", this issue has been fixed in libjpeg-turbo version 1:1.3.1-12+deb8u2.
We recommend that you upgrade your libjpeg-turbo packages.
,''`. : :' : Chris Lamb `. `'` email@example.com / chris-lamb.co.uk `-