Synopsis:          Moderate: libjpeg-turbo security update
Advisory ID:       SLSA-2013:1803-1
Issue Date:        2013-12-10
CVE Numbers:       CVE-2013-6629
                   CVE-2013-6630
--

An uninitialized memory read issue was found in the way libjpeg-turbo
decoded images with missing Start Of Scan (SOS) JPEG markers or Define
Huffman Table (DHT) JPEG markers. A remote attacker could create a
specially crafted JPEG image that, when decoded, could possibly lead to a
disclosure of potentially sensitive information. (CVE-2013-6629,
CVE-2013-6630)
--

SL6
  x86_64
    libjpeg-turbo-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-1.2.1-3.el6_5.x86_64.rpm
    libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-debuginfo-1.2.1-3.el6_5.x86_64.rpm
    libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-devel-1.2.1-3.el6_5.x86_64.rpm
    libjpeg-turbo-static-1.2.1-3.el6_5.x86_64.rpm
  i386
    libjpeg-turbo-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-debuginfo-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm
    libjpeg-turbo-static-1.2.1-3.el6_5.i686.rpm

- Scientific Linux Development Team