Summary: | <media-libs/libjpeg-turbo-1.4.2: buffer overflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | anarchy, graphics+disabled, pacho, ssuominen |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://sourceforge.net/p/libjpeg-turbo/code/1367/ | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-12-02 09:35:47 UTC
We have 1.4.2 in the tree... but I don't know if it's ready for stabilization :/ Any updates on this??? Holding up a GLSA. (In reply to Pacho Ramos from comment #1) > We have 1.4.2 in the tree... but I don't know if it's ready for > stabilization :/ go ahead and stabilize, there are no regressions that I am aware of at this time. Arches, please test and mark stable: =media-libs/libjpeg-turbo-1.4.2 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" Thank you! amd64 stable x86 stable sparc stable Stable for HPPA PPC64. ppc stable arm stable alpha stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches, Thank you for your work. Added to an existing GLSA Request. Maintainer(s), please drop the vulnerable version(s). (In reply to Yury German from comment #13) > Arches, Thank you for your work. > Added to an existing GLSA Request. > > Maintainer(s), please drop the vulnerable version(s). Done: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bcd7c70dc22c55d74cfcfb75b3acc8c68120cca3 This issue was resolved and addressed in GLSA 201606-03 at https://security.gentoo.org/glsa/201606-03 by GLSA coordinator Yury German (BlueKnight) |