Information on source package libjpeg-turbo

Available versions

ReleaseVersion
jessie1:1.3.1-12+deb8u3
stretch1:1.5.1-2
stretch (security)1:1.5.1-2+deb9u1
buster1:1.5.2-2+deb10u1
bullseye1:2.0.5-2
sid1:2.0.6-2

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-2201vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedfixedIn generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2018-11813vulnerablevulnerablevulnerablefixedfixedlibjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles ...
CVE-2017-15232vulnerablevulnerablevulnerablefixedfixedlibjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ...

Resolved issues

BugDescription
CVE-2020-14153In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an o ...
CVE-2020-14152In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ...
CVE-2020-13790libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-r ...
CVE-2018-20330The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflo ...
CVE-2018-19664libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...
CVE-2018-14498get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG th ...
CVE-2018-11214An issue was discovered in libjpeg 9a. The get_text_rgb_row function i ...
CVE-2018-11213An issue was discovered in libjpeg 9a. The get_text_gray_row function ...
CVE-2018-11212An issue was discovered in libjpeg 9a and 9d. The alloc_sarray functio ...
CVE-2018-1152libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerabilit ...
CVE-2016-6702A remote code execution vulnerability in libjpeg in Android 4.x before ...
CVE-2016-3616The cjpeg utility in libjpeg allows remote attackers to cause a denial ...
CVE-2014-9092libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial o ...
CVE-2013-6630The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...
CVE-2013-6629The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-t ...
CVE-2012-2806Heap-based buffer overflow in the get_sos function in jdmarker.c in li ...

Security announcements

DSA / DLADescription
ELA-276-1libjpeg-turbo - security update
DLA-2302-1libjpeg-turbo - security update
DLA-1719-1libjpeg-turbo - security update
DLA-1638-1libjpeg-turbo - security update

Search for package or bug name: Reporting problems