[3.6] libjpeg-turbo: Multiple vulnerabilities (CVE-2017-15232, CVE-2018-1152, CVE-2018-11813)
CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference
in jdpostct.c and jquant1.c
via a crafted JPEG file.
References:
https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
https://nvd.nist.gov/vuln/detail/CVE-2017-15232
CVE-2018-1152: libjpeg-turbo 1.5.90 is vulnerable to a denial of
service vulnerability caused by
a divide by zero when processing a crafted BMP image.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-1152
Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
CVE-2018-11813: “cjpeg” utility large loop because read_pixel in rdtarga.c mishandles EOF
Reference:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/242
Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/19074854d9d8bc32dff3ed252eed17ed6cc2ecfc
(from redmine: issue id 9430, created on 2018-09-20, closed on 2018-09-27)
- Relations:
- parent #9426 (closed)
- Changesets:
- Revision 57be3b6c by Natanael Copa on 2018-09-25T12:54:48Z:
main/libjpeg-turbo: backport security fix (CVE-2018-11813)
fixes #9430