[3.5] libjpeg-turbo: Multiple vulnerabilities (CVE-2017-15232, CVE-2018-1152, CVE-2018-11813)
CVE-2017-15232: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference
in jdpostct.c and jquant1.c
via a crafted JPEG file.
References:
https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
https://nvd.nist.gov/vuln/detail/CVE-2017-15232
CVE-2018-1152: libjpeg-turbo 1.5.90 is vulnerable to a denial of
service vulnerability caused by
a divide by zero when processing a crafted BMP image.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-1152
Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
CVE-2018-11813: “cjpeg” utility large loop because read_pixel in rdtarga.c mishandles EOF
Reference:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/242
Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/19074854d9d8bc32dff3ed252eed17ed6cc2ecfc
(from redmine: issue id 9431, created on 2018-09-20, closed on 2018-09-27)
- Relations:
- parent #9426 (closed)
- Changesets:
- Revision 604d9ad8 by Natanael Copa on 2018-09-25T12:56:59Z:
main/libjpeg-turbo: security upgrade to 1.5.3 (CVE-2017-15232)
ref #9431
- Revision 40f5397f on 2018-09-25T12:57:25Z:
main/libjpeg-turbo: Backport fix for CVE-2018-1152
Cherry-pick commit f1322ac from the 1.5.x branch
ref #9431
Signed-off-by: Euan Harris <euan.harris@docker.com>
(cherry picked from commit 8d429487fdfea72fe6b0e45659274a62fa8c89bd)
- Revision 1c66dc70 by Natanael Copa on 2018-09-25T12:58:16Z:
main/libjpeg-turbo: backport security fix (CVE-2018-11813)
fixes #9431