Azure Linux 3.0 Security Update: fltk (CVE-2020-14152)

The version of fltk installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-14152 advisory. - In IJG JPEG aka libjpeg before 9d, jpegmemavailable in jmemnobs.c in djpeg does not honor the maxmemorytouse...

AZL-45315 CVE-2020-14152 affecting package fltk for versions less than 1.3.8-1

In IJG JPEG aka libjpeg before 9d, jpegmemavailable in jmemnobs.c in djpeg does not honor the maxmemorytouse setting, possibly causing excessive memory consumption...