Key Information Vulnerability Overview Advisory Number: USN-2060-1 Release Date: December 19, 2013 Summary: libjpeg and libjpeg-turbo improperly handle certain memory operations. An attacker could exploit this by using a specially crafted JPEG file, potentially exposing sensitive information. Affected Packages libjpeg-turbo: A library for processing JPEG files libjpeg6b: A library for processing JPEG files Update Instructions The issue can be resolved by updating the system to the following package versions: - Ubuntu 13.10: libjpeg-turbo8 - 1.3.0-0ubuntu1.1, libjpeg62 - 6b1-3ubuntu1.13.10.1, libturbojpeg - 1.3.0-0ubuntu1.1 - Ubuntu 13.04: libjpeg-turbo8 - 1.2.1-0ubuntu2.13.04.1, libjpeg62 - 6b1-3ubuntu1.13.04.1, libturbojpeg - 1.2.1-0ubuntu2.13.04.1 - Ubuntu 12.10: libjpeg-turbo8 - 1.2.1-0ubuntu2.12.10.1, libjpeg62 - 6b1-2ubuntu2.1, libturbojpeg - 1.2.1-0ubuntu2.12.10.1 - Ubuntu 12.04: libjpeg-turbo8 - 1.1.90+svn733-0ubuntu4.3, libjpeg62 - 6b1-2ubuntu1.1, libturbojpeg - 1.1.90+svn733-0ubuntu4.3 - Ubuntu 10.04: libjpeg62 - 6b-15ubuntu1.1 References CVE IDs: CVE-2013-6630, CVE-2013-6629 Related Advisories USN-2053-1 USN-2052-1