(RHSA-2024:2295) Moderate: libjpeg-turbo security update

2024-04-3006:15:18

access.redhat.com

libjpeg-turbo

security update

vulnerability fix

heap-buffer-overflow

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.3%

JSON

The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance.

Security Fix(es):

libjpeg-turbo: heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c (CVE-2021-29390)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9s390xturbojpeg< 2.0.90-7.el9turbojpeg-2.0.90-7.el9.s390x.rpm
RedHat9aarch64libjpeg-turbo-devel< 2.0.90-7.el9libjpeg-turbo-devel-2.0.90-7.el9.aarch64.rpm
RedHat9aarch64libjpeg-turbo-utils< 2.0.90-7.el9libjpeg-turbo-utils-2.0.90-7.el9.aarch64.rpm
RedHat9aarch64libjpeg-turbo-debugsource< 2.0.90-7.el9libjpeg-turbo-debugsource-2.0.90-7.el9.aarch64.rpm
RedHat9x86_64libjpeg-turbo-debuginfo< 2.0.90-7.el9libjpeg-turbo-debuginfo-2.0.90-7.el9.x86_64.rpm
RedHat9ppc64lelibjpeg-turbo-utils-debuginfo< 2.0.90-7.el9libjpeg-turbo-utils-debuginfo-2.0.90-7.el9.ppc64le.rpm
RedHat9ppc64leturbojpeg< 2.0.90-7.el9turbojpeg-2.0.90-7.el9.ppc64le.rpm
RedHat9s390xlibjpeg-turbo< 2.0.90-7.el9libjpeg-turbo-2.0.90-7.el9.s390x.rpm
RedHat9s390xlibjpeg-turbo-devel< 2.0.90-7.el9libjpeg-turbo-devel-2.0.90-7.el9.s390x.rpm
RedHat9i686libjpeg-turbo-devel< 2.0.90-7.el9libjpeg-turbo-devel-2.0.90-7.el9.i686.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	s390x	turbojpeg	< 2.0.90-7.el9	turbojpeg-2.0.90-7.el9.s390x.rpm
RedHat	9	aarch64	libjpeg-turbo-devel	< 2.0.90-7.el9	libjpeg-turbo-devel-2.0.90-7.el9.aarch64.rpm
RedHat	9	aarch64	libjpeg-turbo-utils	< 2.0.90-7.el9	libjpeg-turbo-utils-2.0.90-7.el9.aarch64.rpm
RedHat	9	aarch64	libjpeg-turbo-debugsource	< 2.0.90-7.el9	libjpeg-turbo-debugsource-2.0.90-7.el9.aarch64.rpm
RedHat	9	x86_64	libjpeg-turbo-debuginfo	< 2.0.90-7.el9	libjpeg-turbo-debuginfo-2.0.90-7.el9.x86_64.rpm
RedHat	9	ppc64le	libjpeg-turbo-utils-debuginfo	< 2.0.90-7.el9	libjpeg-turbo-utils-debuginfo-2.0.90-7.el9.ppc64le.rpm
RedHat	9	ppc64le	turbojpeg	< 2.0.90-7.el9	turbojpeg-2.0.90-7.el9.ppc64le.rpm
RedHat	9	s390x	libjpeg-turbo	< 2.0.90-7.el9	libjpeg-turbo-2.0.90-7.el9.s390x.rpm
RedHat	9	s390x	libjpeg-turbo-devel	< 2.0.90-7.el9	libjpeg-turbo-devel-2.0.90-7.el9.s390x.rpm
RedHat	9	i686	libjpeg-turbo-devel	< 2.0.90-7.el9	libjpeg-turbo-devel-2.0.90-7.el9.i686.rpm