What is the vulnerability ID of this issue?

The vulnerability ID of this issue is USN-4386-1.

What is the title of the vulnerability?

The title of the vulnerability is USN-4386-1: libjpeg-turbo vulnerability.

How does the libjpeg-turbo vulnerability affect systems?

The libjpeg-turbo vulnerability allows attackers to access sensitive information.

Which software versions are affected by this vulnerability?

The affected software versions are libjpeg-turbo8 2.0.3-0ubuntu1.20.04.1, libjpeg-turbo8 2.0.3-0ubuntu1.19.10.1, libjpeg-turbo8 1.5.2-0ubuntu5.18.04.4, libjpeg-turbo8 1.4.2-0ubuntu3.4, libjpeg-turbo8 1.3.0-0ubuntu2.1+esm1, and libjpeg-turbo8 1.1.90+svn733-0ubuntu4.6.

How can I fix the libjpeg-turbo vulnerability?

To fix the libjpeg-turbo vulnerability, update to the latest version of libjpeg-turbo8. The remedy versions for each affected software version are: 2.0.3-0ubuntu1.20.04.1, 2.0.3-0ubuntu1.19.10.1, 1.5.2-0ubuntu5.18.04.4, 1.4.2-0ubuntu3.4, 1.3.0-0ubuntu2.1+esm1, and 1.1.90+svn733-0ubuntu4.6.

Vulnerability/
USN-4386-1

9/6/2020

USN-4386-1: libjpeg-turbo vulnerability

First published: Tue Jun 09 2020(Updated: )

It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information.

Affected Software	Affected Version	How to fix
All of
ubuntu/libjpeg-turbo8	<2.0.3-0ubuntu1.20.04.1	2.0.3-0ubuntu1.20.04.1
Ubuntu Ubuntu	=20.04
All of
ubuntu/libjpeg-turbo8	<2.0.3-0ubuntu1.19.10.1	2.0.3-0ubuntu1.19.10.1
Ubuntu Ubuntu	=19.10
All of
ubuntu/libjpeg-turbo8	<1.5.2-0ubuntu5.18.04.4	1.5.2-0ubuntu5.18.04.4
Ubuntu Ubuntu	=18.04
All of
ubuntu/libjpeg-turbo8	<1.4.2-0ubuntu3.4	1.4.2-0ubuntu3.4
Ubuntu Ubuntu	=16.04
All of
ubuntu/libjpeg-turbo8	<1.3.0-0ubuntu2.1+esm1	1.3.0-0ubuntu2.1+esm1
Ubuntu Ubuntu	=14.04
All of
ubuntu/libjpeg-turbo8	<1.1.90+svn733-0ubuntu4.6	1.1.90+svn733-0ubuntu4.6
Ubuntu Ubuntu	=12.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2020-13790

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is USN-4386-1.
What is the title of the vulnerability?
The title of the vulnerability is USN-4386-1: libjpeg-turbo vulnerability.
How does the libjpeg-turbo vulnerability affect systems?
The libjpeg-turbo vulnerability allows attackers to access sensitive information.
Which software versions are affected by this vulnerability?
The affected software versions are libjpeg-turbo8 2.0.3-0ubuntu1.20.04.1, libjpeg-turbo8 2.0.3-0ubuntu1.19.10.1, libjpeg-turbo8 1.5.2-0ubuntu5.18.04.4, libjpeg-turbo8 1.4.2-0ubuntu3.4, libjpeg-turbo8 1.3.0-0ubuntu2.1+esm1, and libjpeg-turbo8 1.1.90+svn733-0ubuntu4.6.
How can I fix the libjpeg-turbo vulnerability?
To fix the libjpeg-turbo vulnerability, update to the latest version of libjpeg-turbo8. The remedy versions for each affected software version are: 2.0.3-0ubuntu1.20.04.1, 2.0.3-0ubuntu1.19.10.1, 1.5.2-0ubuntu5.18.04.4, 1.4.2-0ubuntu3.4, 1.3.0-0ubuntu2.1+esm1, and 1.1.90+svn733-0ubuntu4.6.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/20.04
version/ubuntu ubuntu/19.10
version/ubuntu ubuntu/18.04
version/ubuntu ubuntu/16.04
version/ubuntu ubuntu/14.04
version/ubuntu ubuntu/12.04