ALAS-2015-540


Amazon Linux AMI Security Advisory: ALAS-2015-540
Advisory Release Date: 2015-06-11 08:09 Pacific
Severity: Low
References: CVE-2014-9092 

Issue Overview:

A flaw in libjpeg-turbo was reported that could lead to a local denial of service when processing a specially-crafted JPEG issue.


Affected Packages:

libjpeg-turbo


Issue Correction:
Run yum update libjpeg-turbo to update your system.

New Packages:
i686:
    libjpeg-turbo-static-1.2.90-5.10.amzn1.i686
    turbojpeg-devel-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-devel-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-utils-1.2.90-5.10.amzn1.i686
    libjpeg-turbo-1.2.90-5.10.amzn1.i686
    turbojpeg-1.2.90-5.10.amzn1.i686

src:
    libjpeg-turbo-1.2.90-5.10.amzn1.src

x86_64:
    libjpeg-turbo-debuginfo-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-devel-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-utils-1.2.90-5.10.amzn1.x86_64
    turbojpeg-devel-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-static-1.2.90-5.10.amzn1.x86_64
    libjpeg-turbo-1.2.90-5.10.amzn1.x86_64
    turbojpeg-1.2.90-5.10.amzn1.x86_64