Debian 10260 Published by

A jbig2dec security update has been released for Debian GNU/Linux 8 Extended LTS to address two issues.



ELA-504-1 jbig2dec security update

Package jbig2dec
Version 0.13-4~deb8u3
Related CVEs CVE-2017-9216 CVE-2020-12268

Two issues have been found in jbig2dec, a JBIG2 decoder library. One is related to an overflow with a crafted image file. The other is related to a NULL pointer dereference.

For Debian 8 jessie, these problems have been fixed in version 0.13-4~deb8u3.

We recommend that you upgrade your jbig2dec packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-504-1 jbig2dec security update