Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.2938
libjpeg-turbo security update
7 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libjpeg-turbo
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2018-14498 CVE-2018-11813 CVE-2018-11214
CVE-2018-11213 CVE-2018-11212 CVE-2016-3616
Reference: ESB-2019.1976
ESB-2018.1992.3
Original Bulletin:
https://access.redhat.com/errata/RHSA-2019:2052
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: libjpeg-turbo security update
Advisory ID: RHSA-2019:2052-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2052
Issue date: 2019-08-06
CVE Names: CVE-2016-3616 CVE-2018-11212 CVE-2018-11213
CVE-2018-11214 CVE-2018-11813 CVE-2018-14498
=====================================================================
1. Summary:
An update for libjpeg-turbo is now available for Red Hat Enterprise Linux
7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The libjpeg-turbo packages contain a library of functions for manipulating
JPEG images. They also contain simple client programs for accessing the
libjpeg functions. These packages provide the same functionality and API as
libjpeg but with better performance.
Security Fix(es):
* libjpeg: null pointer dereference in cjpeg (CVE-2016-3616)
* libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in
get_8bit_row in rdbmp.c leads to denial of service (CVE-2018-14498)
* libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
(CVE-2018-11212)
* libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c
(CVE-2018-11213)
* libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c
(CVE-2018-11214)
* libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c
mishandles EOF (CVE-2018-11813)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1318509 - null pointer dereference in libjpeg library in cjpeg
1319661 - CVE-2016-3616 libjpeg: null pointer dereference in cjpeg
1579973 - CVE-2018-11212 libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
1579979 - CVE-2018-11213 libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c
1579980 - CVE-2018-11214 libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c
1588803 - CVE-2018-11813 libjpeg: "cjpeg" utility large loop because read_pixel in rdtarga.c mishandles EOF
1687424 - CVE-2018-14498 libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
libjpeg-turbo-1.2.90-8.el7.src.rpm
x86_64:
libjpeg-turbo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-devel-1.2.90-8.el7.i686.rpm
libjpeg-turbo-devel-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-static-1.2.90-8.el7.i686.rpm
libjpeg-turbo-static-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-utils-1.2.90-8.el7.x86_64.rpm
turbojpeg-1.2.90-8.el7.i686.rpm
turbojpeg-1.2.90-8.el7.x86_64.rpm
turbojpeg-devel-1.2.90-8.el7.i686.rpm
turbojpeg-devel-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
libjpeg-turbo-1.2.90-8.el7.src.rpm
x86_64:
libjpeg-turbo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-devel-1.2.90-8.el7.i686.rpm
libjpeg-turbo-devel-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-static-1.2.90-8.el7.i686.rpm
libjpeg-turbo-static-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-utils-1.2.90-8.el7.x86_64.rpm
turbojpeg-1.2.90-8.el7.i686.rpm
turbojpeg-1.2.90-8.el7.x86_64.rpm
turbojpeg-devel-1.2.90-8.el7.i686.rpm
turbojpeg-devel-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
libjpeg-turbo-1.2.90-8.el7.src.rpm
ppc64:
libjpeg-turbo-1.2.90-8.el7.ppc.rpm
libjpeg-turbo-1.2.90-8.el7.ppc64.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc64.rpm
libjpeg-turbo-devel-1.2.90-8.el7.ppc.rpm
libjpeg-turbo-devel-1.2.90-8.el7.ppc64.rpm
ppc64le:
libjpeg-turbo-1.2.90-8.el7.ppc64le.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc64le.rpm
libjpeg-turbo-devel-1.2.90-8.el7.ppc64le.rpm
s390x:
libjpeg-turbo-1.2.90-8.el7.s390.rpm
libjpeg-turbo-1.2.90-8.el7.s390x.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.s390.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.s390x.rpm
libjpeg-turbo-devel-1.2.90-8.el7.s390.rpm
libjpeg-turbo-devel-1.2.90-8.el7.s390x.rpm
x86_64:
libjpeg-turbo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-devel-1.2.90-8.el7.i686.rpm
libjpeg-turbo-devel-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc64.rpm
libjpeg-turbo-static-1.2.90-8.el7.ppc.rpm
libjpeg-turbo-static-1.2.90-8.el7.ppc64.rpm
libjpeg-turbo-utils-1.2.90-8.el7.ppc64.rpm
turbojpeg-1.2.90-8.el7.ppc.rpm
turbojpeg-1.2.90-8.el7.ppc64.rpm
turbojpeg-devel-1.2.90-8.el7.ppc.rpm
turbojpeg-devel-1.2.90-8.el7.ppc64.rpm
ppc64le:
libjpeg-turbo-debuginfo-1.2.90-8.el7.ppc64le.rpm
libjpeg-turbo-static-1.2.90-8.el7.ppc64le.rpm
libjpeg-turbo-utils-1.2.90-8.el7.ppc64le.rpm
turbojpeg-1.2.90-8.el7.ppc64le.rpm
turbojpeg-devel-1.2.90-8.el7.ppc64le.rpm
s390x:
libjpeg-turbo-debuginfo-1.2.90-8.el7.s390.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.s390x.rpm
libjpeg-turbo-static-1.2.90-8.el7.s390.rpm
libjpeg-turbo-static-1.2.90-8.el7.s390x.rpm
libjpeg-turbo-utils-1.2.90-8.el7.s390x.rpm
turbojpeg-1.2.90-8.el7.s390.rpm
turbojpeg-1.2.90-8.el7.s390x.rpm
turbojpeg-devel-1.2.90-8.el7.s390.rpm
turbojpeg-devel-1.2.90-8.el7.s390x.rpm
x86_64:
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-static-1.2.90-8.el7.i686.rpm
libjpeg-turbo-static-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-utils-1.2.90-8.el7.x86_64.rpm
turbojpeg-1.2.90-8.el7.i686.rpm
turbojpeg-1.2.90-8.el7.x86_64.rpm
turbojpeg-devel-1.2.90-8.el7.i686.rpm
turbojpeg-devel-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
libjpeg-turbo-1.2.90-8.el7.src.rpm
x86_64:
libjpeg-turbo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-devel-1.2.90-8.el7.i686.rpm
libjpeg-turbo-devel-1.2.90-8.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libjpeg-turbo-debuginfo-1.2.90-8.el7.i686.rpm
libjpeg-turbo-debuginfo-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-static-1.2.90-8.el7.i686.rpm
libjpeg-turbo-static-1.2.90-8.el7.x86_64.rpm
libjpeg-turbo-utils-1.2.90-8.el7.x86_64.rpm
turbojpeg-1.2.90-8.el7.i686.rpm
turbojpeg-1.2.90-8.el7.x86_64.rpm
turbojpeg-devel-1.2.90-8.el7.i686.rpm
turbojpeg-devel-1.2.90-8.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-3616
https://access.redhat.com/security/cve/CVE-2018-11212
https://access.redhat.com/security/cve/CVE-2018-11213
https://access.redhat.com/security/cve/CVE-2018-11214
https://access.redhat.com/security/cve/CVE-2018-11813
https://access.redhat.com/security/cve/CVE-2018-14498
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXUl2eNzjgjWX9erEAQh/zw//d7Ie2RXUbvuUlXRJD5wbKnev3M8RuwOq
uRP9FdtrfndYH58zFgmnfTbg4ybvc2aQYO1EplaXpbdmZJKn5WpqXaCZzcUlz7Gr
j1TJqrJPsOfB00EUBsx7Gl2p1EiEEI3LDpX71uyICc4KbD1gHMbrYfwJn+MYQTuv
GJgkYRXJjAopge6gb1888WM+yg7hoFlk+/LPxDPHMNz51hdYXoWktfq+EuNK0KUR
3bcqz9YBAzZIqCvaywWzFSOOQsMaHMzMVHlTD9nJ3F+n/qDHSyQf75yH+6j/OK3i
Tr5hVIUFBXqxte1muu3T1JUXF6g5nl5Qjk4aZLZFXT28Fm1QLtHFW8aLOKH85WXK
fEG5rgDwlPq0sIV5s5WvVLB3E2S1hGPypnOoUVIcvV2EFqxz8AROcYmOi4CTe60X
9x4UMU/szS27EwOq5q1w4b0POGHNfpS9LrQ3h3scnr+pNeWXwE8v98pLIvjSndSd
9A5NnXr0z8ToxgiWW6l0k2EzyVlV7pnV6fHYghYJZdwxf0eDqZuDkYZyX6IWE5Zw
+AuNMjmDhLxMn1qKLMgMjkoU08XmZFYZx0J+lgoC75+BeLtnOtwoxBJ+ZjLeXVbM
iKxOGEeP1pMGeCqhcfculh6vtCwXMTrvxgW9d0HuTkotFdQMk7Ph2bQZJBBqIl2o
cD+DsQHNlaY=
=Q3Vm
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXUo3DmaOgq3Tt24GAQil+xAAmS5gbVu+ZD0QprFj8W+HGFA/gjj/QFa6
UcpflWjLvFLH4ttZDqreVM41eEz/8QhI+JU94WBCmqTGatR7eGu1ret94Q7XFc1x
SC6TrMluHYqxFSVJyHn0Enmq7u6av6P8nSx77ou+O6Xx433Chltuk6mHKt+1SdiE
8lhHafiRaNqnyOjldBCBraCCzh1MhUMycIpiA7bPj/5JM9c/LGHyv5uRuI/4HYHx
zZtjJg7ijzJEXGy1ph9R8H5EsFJ5gmpMwRb4E03oNHboV40hhVXkDsNQzvrWxfZK
F6ZVV1zlvuRIJPsAMS+Vo2Abt/64XLWupIf/Hme4a2hQMMoeu9kLLPVNOEs2LOV0
vIsO8HQ5YHy3uCtPD2taCcf7hJzYBadqqQIBnH5qom5Atgb0OQJF+C+8AALCg4fm
5lvuZJxXX8vT1wo8EHd22Eh8aTCWvnDq+KM4HMTs0zjoahYRtjlXOpmLOQZQxXby
OHlNvO8rjy1dt8ZM/Dv7xb7WPS8eJjogS2XEbactJqiC1O6PWsgs6X7K2nT9aPUT
R55F6qt9D/R/hi4FJSIovGNdDrUEnAqtZ07bL3SeXLEgZZtedyncyEYmV+B5OK5v
ZVeASkf9LiGZU0ar6bphFyerTjgJeVyZFxJ4iEEMqgyOjwf6zd/IxHjWiGEK0O0z
Qtuzrktb8Bk=
=TzR+
-----END PGP SIGNATURE-----