Updated libjpeg packages fix security vulnerability

get8bitrow in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries...

PT-2014-2023 · Mozjpeg +8 · Mozjpeg +8

Name of the Vulnerable Software and Affected Versions: libjpeg-turbo versions through 1.5.90 MozJPEG versions through 3.3.1 Description: The issue is related to a buffer over-read in the get 8bit row function in rdbmp.c of the libjpeg library. This can be exploited by a remote attacker to cause a...