Updated libjpeg packages fix security vulnerabilities: libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component (Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629). libjpeg-turbo will use uninitialized memory when handling Huffman tables (CVE-2013-6630).

OSVersionArchitecturePackageVersionFilename
Mageia2noarchlibjpeg< 1.2.0-4.2libjpeg-1.2.0-4.2.mga2
Mageia3noarchlibjpeg< 1.2.1-4.1libjpeg-1.2.1-4.1.mga3

OS	Version	Architecture	Package	Version	Filename
Mageia	2	noarch	libjpeg	< 1.2.0-4.2	libjpeg-1.2.0-4.2.mga2
Mageia	3	noarch	libjpeg	< 1.2.1-4.1	libjpeg-1.2.1-4.1.mga3

References

googlechromereleases.blogspot.com/2013/11/stable-channel-update.html

permalink.gmane.org/gmane.comp.security.full-disclosure/90919

bugs.mageia.org/show_bug.cgi?id=11658

fedora 6

nessus 63

openvas 47

mozilla 1

redhat 4

centos 2

amazon 1

ubuntu 3

securityvulns 6

veracode 18

gentoo 1

oraclelinux 2

prion 2

f5 4

ubuntucve 2

cve 2

debiancve 2

symantec 1

slackware 1

mskb 8

mscve 1

kaspersky 3

ibm 7

threatpost 1

mageia 1

freebsd 2

chrome 1

suse 4

debian 2

osv 1

fedora

[SECURITY] Fedora 19 Update: libjpeg-turbo-1.2.90-3.fc19

2014-01-10 07:56:56

[SECURITY] Fedora 19 Update: mingw-libjpeg-turbo-1.3.1-1.fc19

2014-06-10 03:13:25

[SECURITY] Fedora 20 Update: libjpeg-turbo-1.3.0-2.fc20

2013-12-24 03:42:20

nessus

Mandriva Linux Security Advisory : libjpeg (MDVSA-2013:273)

2013-11-22 00:00:00

Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : libjpeg-turbo, libjpeg6b vulnerabilities (USN-2060-1)

2013-12-20 00:00:00

Scientific Linux Security Update : libjpeg-turbo on SL6.x i386/x86_64 (20131210)

2013-12-11 00:00:00

openvas

CentOS Update for libjpeg-turbo CESA-2013:1803 centos6

2013-12-17 00:00:00

Ubuntu: Security Advisory (USN-2060-1)

2013-12-23 00:00:00

Amazon Linux: Security Advisory (ALAS-2013-267)

2015-09-08 00:00:00

mozilla

JPEG information leak — Mozilla

2013-12-10 00:00:00

redhat

(RHSA-2013:1803) Moderate: libjpeg-turbo security update

2013-12-09 00:00:00

(RHSA-2013:1804) Moderate: libjpeg security update

2013-12-09 00:00:00

(RHSA-2014:0041) Important: rhev-hypervisor6 security update

2014-01-21 00:00:00

centos

libjpeg security update

2013-12-10 01:01:49

libjpeg security update

2013-12-10 00:47:48

amazon

Medium: libjpeg-turbo

2013-12-17 21:32:00

ubuntu

libjpeg, libjpeg-turbo vulnerabilities

2013-12-19 00:00:00

Thunderbird vulnerabilities

2013-12-11 00:00:00

Firefox vulnerabilities

2013-12-11 00:00:00

securityvulns

bugs in IJG jpeg6b & libjpeg-turbo

2013-12-09 00:00:00

[ MDVSA-2013:274 ] libjpeg

2013-11-26 00:00:00

libjpeg multiple security vulnerabilities

2013-12-09 00:00:00

veracode

Sensitive Information Disclosure

2019-05-02 05:00:31

Information Disclosure

2019-01-15 08:53:01

Privilege Escalation

2019-05-02 04:58:06

gentoo

libjpeg-turbo: Multiple vulnerabilities

2016-06-05 00:00:00

oraclelinux

libjpeg-turbo security update

2013-12-09 00:00:00

libjpeg security update

2013-12-09 00:00:00

prion

Memory corruption

2013-11-19 04:50:00

Design/Logic Flaw

2013-11-19 04:50:00

SOL62655427 - libjpeg-turbo vulnerability CVE-2013-6630

2016-02-18 00:00:00

K62655427 : libjpeg-turbo vulnerability CVE-2013-6630

2016-02-19 00:00:00

K59503294 : libjpeg vulnerability CVE-2013-6629

2016-02-19 00:00:00

ubuntucve

CVE-2013-6630

2013-11-18 00:00:00

CVE-2013-6629

2013-11-18 00:00:00

cve

CVE-2013-6630

2013-11-19 04:50:00

CVE-2013-6629

2013-11-19 04:50:00

debiancve

CVE-2013-6630

2013-11-19 04:50:00

CVE-2013-6629

2013-11-19 04:50:00

symantec

libjpeg/libjpeg-turbo Library CVE-2013-6629 Memory Corruption Vulnerability

2013-11-12 00:00:00

slackware

[slackware-security] libjpeg

2013-12-17 03:49:12

mskb

Security update 2017-04-11

2017-04-11 07:00:00

Security update for the libjpeg information disclosure vulnerability in Windows Vista and Windows Server 2008: April 11, 2017

2017-04-11 07:00:00

Security update for the libjpeg information disclosure vulnerability in Windows Vista and Windows Server 2008: April 11, 2017

2017-04-11 07:00:00

mscve

libjpeg Information Disclosure Vulnerability

2017-04-11 07:00:00

kaspersky

KLA11061 Information disclosure vulnerability in Microsoft Windows

2017-04-11 00:00:00

KLA11059 Multiple vulnerabilities in Microsoft Windows

2017-04-11 00:00:00

KLA11835 Multiple vulnerabilities in Microsoft Products (ESU)

2017-04-11 00:00:00

ibm

Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.

2022-11-17 15:02:38

Security Bulletin: Security vulnerability in IBM Jazz Team Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2014-2421, CVE-2013-6954, CVE-2013-6629, CVE-2014-0411, CVE-2014-0416)

2021-04-28 18:35:50

Security Bulletin: Vulnerabilities in Rational Functional Tester due to IBM SDK, Java Technology Edition Version 1.6 and IBM SDK, Java Technology Edition Version 1.7

2018-09-29 20:06:32

threatpost

12 Flaws Fixed in Google Chrome

2013-11-12 13:17:53

mageia

Updated chromium-browser-stable packages fix multiple vulnerabilities

2013-11-13 23:09:45

freebsd

chromium -- multiple vulnerabilities

2013-11-12 00:00:00

mozilla -- multiple vulnerabilities

2013-12-09 00:00:00

chrome

Stable Channel Update

2013-11-12 00:00:00

suse

chromium: update to 31.0.1650.57 (important)

2013-11-27 20:04:35

Mozilla updates 2013/12 (important)

2013-12-13 15:04:36

chromium: 31.0.1650.57 version update (important)

2013-11-27 20:04:13

debian

[SECURITY] [DSA 2797-1] chromium-browser security update

2013-11-17 15:42:38

[SECURITY] [DSA 2797-1] chromium-browser security update

2013-11-17 15:42:38

osv

chromium-browser - several

2013-11-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.0%

JSON

Related for MGASA-2013-0333