ALAS-2015-540


Amazon Linux 1 Security Advisory: ALAS-2015-540
Advisory Release Date: 2015-06-11 08:08 Pacific
Advisory Updated Date: 2015-06-11 08:09 Pacific
Severity: Low

Issue Overview:

A flaw in libjpeg-turbo was reported (http://seclists.org/oss-sec/2014/q4/557) that could lead to a local denial of service when processing a specially-crafted JPEG issue.


Affected Packages:

libjpeg-turbo


Issue Correction:
Run yum update libjpeg-turbo to update your system.

New Packages:
i686:
    libjpeg-turbo-static-1.2.90-5.10.amzn1.i686
    turbojpeg-devel-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-devel-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-utils-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-1.2.90-5.10.amzn1.i686
    turbojpeg-1.2.90-5.10.amzn1.i686

src:
    libjpeg-turbo-1.2.90-5.10.amzn1.src

x86_64:
    libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-devel-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-utils-1.2.90-5.10.amzn1.x86_64
    turbojpeg-devel-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-static-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-1.2.90-5.10.amzn1.x86_64
    turbojpeg-1.2.90-5.10.amzn1.x86_64