1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • libjpeg-turbo vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, June 09, 2020 16:10:08
    libjpeg-turbo vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    libjpeg-turbo could be made to expose sensitive information if it
    received a specially crafted PPM file.

    Software Description

    * libjpeg-turbo - library for handling JPEG files

    Details

    It was discovered that libjpeg-turbo incorrectly handled certain
    PPM files. An attacker could possibly use this issue to access
    sensitive information.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libjpeg-turbo8 - 2.0.3-0ubuntu1.20.04.1

    Ubuntu 19.10
    libjpeg-turbo8 - 2.0.3-0ubuntu1.19.10.1

    Ubuntu 18.04 LTS
    libjpeg-turbo8 - 1.5.2-0ubuntu5.18.04.4

    Ubuntu 16.04 LTS
    libjpeg-turbo8 - 1.4.2-0ubuntu3.4

    Ubuntu 14.04 ESM
    libjpeg-turbo8 - 1.3.0-0ubuntu2.1+esm1

    Ubuntu 12.04 ESM
    libjpeg-turbo8 - 1.1.90+svn733-0ubuntu4.6

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-13790

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)