Amazon Linux 1 Security Advisory: ALAS-2015-540
Advisory Release Date: 2015-06-11 08:08 Pacific
Advisory Updated Date: 2015-06-11 08:09 Pacific
A flaw in libjpeg-turbo was reported (http://seclists.org/oss-sec/2014/q4/557) that could lead to a local denial of service when processing a specially-crafted JPEG issue.
Affected Packages:
libjpeg-turbo
Issue Correction:
Run yum update libjpeg-turbo to update your system.
i686:
libjpeg-turbo-static-1.2.90-5.10.amzn1.i686
turbojpeg-devel-1.2.90-5.10.amzn1.i686
libjpeg-turbo-devel-1.2.90-5.10.amzn1.i686
libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.i686
libjpeg-turbo-utils-1.2.90-5.10.amzn1.i686
libjpeg-turbo-1.2.90-5.10.amzn1.i686
turbojpeg-1.2.90-5.10.amzn1.i686
src:
libjpeg-turbo-1.2.90-5.10.amzn1.src
x86_64:
libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.x86_64
libjpeg-turbo-devel-1.2.90-5.10.amzn1.x86_64
libjpeg-turbo-utils-1.2.90-5.10.amzn1.x86_64
turbojpeg-devel-1.2.90-5.10.amzn1.x86_64
libjpeg-turbo-static-1.2.90-5.10.amzn1.x86_64
libjpeg-turbo-1.2.90-5.10.amzn1.x86_64
turbojpeg-1.2.90-5.10.amzn1.x86_64