Hi,
Thanks for preparing the debiff. However, this issue was addressed in
the interim in USN 3706-1 http://www.ubuntu.com/usn/usn-3706-1 (libjpeg-
turbo 1.3.0-0ubuntu2.1) for trusty.
Thanks again.
** Changed in: libjpeg-turbo (Ubuntu Trusty)
Status: Confirmed => Fix Released
** Changed i
Security sponsors should be subscribed, not just sponsors.
It should get attention soon.
Thanks.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libjpeg-turbo in Ubuntu.
https://bugs.launchpad.net/bugs/1385903
Title:
imagemagick cras
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libjpeg-turbo in Ubuntu.
https://bugs.launchpad.net/bugs/1385903
Title:
imagemagick crashes with "stack smashing detected"
Stat
Vivid EOL as per:
https://wiki.ubuntu.com/Releases
** Changed in: libjpeg-turbo (Ubuntu Vivid)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libjpeg-turbo in Ubuntu.
https://bugs.launchpad.net/bugs
Precise EOL as per:
https://wiki.ubuntu.com/Releases
** Changed in: libjpeg-turbo (Ubuntu Precise)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libjpeg-turbo in Ubuntu.
https://bugs.launchpad.net/
The attachment "Debdiff, adapted from Debian 1:1.3.1-11" seems to be a
debdiff. The ubuntu-sponsors team has been subscribed to the bug report
so that they can review and hopefully sponsor the debdiff. If the
attachment isn't a patch, please remove the "patch" flag from the
attachment, remove the
I've supplied a debdiff to address the fix for this CVE, based on
upstream Debian's fix.
** Patch added: "Debdiff, adapted from Debian 1:1.3.1-11"
https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1385903/+attachment/5009069/+files/libjpeg-turbo.diff
--
You received this bug notif
Suggest increasing the importance of this bug, considering it has a CVE
assignment? I realize that it's a DoS, which is low on the
"vulnerability" totem pole; but especially with buffer overruns I tend
to suspect that "DoS" is code for "might allow code execution but no
one's bothered to prove it".
utopic has seen the end of its life and is no longer receiving any
updates. Marking the utopic task for this ticket as "Won't Fix".
** Changed in: libjpeg-turbo (Ubuntu Utopic)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Desktop
Package
This is CVE-2014-9092
** Package changed: imagemagick (Ubuntu) => libjpeg-turbo (Ubuntu)
** Changed in: libjpeg-turbo (Ubuntu)
Importance: Undecided => Low
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9092
** Also affects: libjpeg-turbo (Ubuntu Vivid)
Importance:
10 matches
Mail list logo
