Π libjpeg-turbo, umtapo wolwazi wombhalo wekhodi nokuqopha izithombe ze-JPEG, ikhonjiwe ubungozi (I-CVE-2019-2201), okuholela ekuchichimeni okuphelele kanye nenkohlakalo elandelayo yokuqukethwe kwenqwaba lapho kucutshungulwa amafayela e-JPEG ngendlela ethile. Ngokunokwenzeka, ukuba sengozini akubandakanyi amathuba okudala ukuxhashazwa ukuze kuhlelwe ukwenziwa kwekhodi kusistimu (ukuhlasela kudinga ukucubungula isithombe esikhulu kakhulu ngesixazululo esingu-26755 x 26755).
Inkinga ngaphandle kokukhangisa okungadingekile kulungisiwe ekukhishweni 2.0.3, kodwa ngokusobala isusiwe hhayi ngokuphelele futhi ama-vector okuhlasela engeziwe asele. Ekusabalaliseni inkinga ihlala ingalungiswa (Debian, SUSE/openSUSE, RHEL, Fedora, Ubuntu).
Source: opennet.ru