[ubuntu/noble-updates] jpeg-xl 0.7.0-10.2ubuntu6.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jul 14 16:58:47 UTC 2025
jpeg-xl (0.7.0-10.2ubuntu6.1) noble-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read causes segmentation fault
- debian/patches/CVE-2023-0645.patch: Add additional checks to
lib/jxl/exif.h.
- CVE-2023-0645
* SECURITY UPDATE: Integer underflow causes denial-of-service
- debian/patches/CVE-2023-35790.patch: Fix integer underflow bug
in lib/jxl/dec_patch_dictionary.cc.
- CVE-2023-35790
* SECURITY UPDATE: Out-of-bounds write
- debian/patches/CVE-2024-11403.patch: Fix the Huffman lookup table
size in lib/jxl/jpeg/enc_jpeg_huffman_decode.h.
- CVE-2024-11403
* SECURITY UPDATE: Stack buffer overflow
- debian/patches/CVE-2024-11498.patch: Check height limit of trees in
lib/jxl/modular/encoding/dec_ma.cc.
- CVE-2024-11498
Date: 2025-07-09 20:19:12.139616+00:00
Changed-By: Edwin Jiang <edwin.jiang at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/jpeg-xl/0.7.0-10.2ubuntu6.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list