{"id":"MGASA-2013-0333","summary":"Updated libjpeg packages fix vulnerabilities in libjpeg-turbo","details":"Updated libjpeg packages fix security vulnerabilities:\n\nlibjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding\nimages with missing SOS data for the luminance component (Y) in presence of\nvalid chroma data (Cr, Cb) (CVE-2013-6629).\n\nlibjpeg-turbo will use uninitialized memory when handling Huffman tables\n(CVE-2013-6630).\n","modified":"2026-01-30T19:44:30.043100Z","published":"2013-11-20T20:31:46Z","related":["CVE-2013-6629","CVE-2013-6630"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0333.html"},{"type":"REPORT","url":"http://permalink.gmane.org/gmane.comp.security.full-disclosure/90919"},{"type":"REPORT","url":"http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11658"}],"affected":[{"package":{"name":"libjpeg","ecosystem":"Mageia:2","purl":"pkg:rpm/mageia/libjpeg?arch=source&distro=mageia-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-4.2.mga2"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0333.json"}},{"package":{"name":"libjpeg","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libjpeg?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.1-4.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0333.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}