Bug 31424 - jpegoptim new security issue CVE-2022-32325
Summary: jpegoptim new security issue CVE-2022-32325
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-01-18 00:35 CET by David Walser
Modified: 2023-01-24 09:00 CET

See Also:
Source RPM: jpegoptim-1.5.0-1.mga9.src.rpm
CVE:
Status comment:



Description David Walser 2023-01-18 00:35:59 CET
Fedora has issued an advisory on January 14:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XRPXTW3IARYQVKZBPIPIEKABN7DSS5XY/

The issue is fixed upstream in 1.5.1.

Mageia 8 is also affected.
David Walser 2023-01-18 00:36:12 CET

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Fixed upstream in 1.5.1

Comment 1 David GEIGER 2023-01-18 16:54:46 CET
Done for both Cauldron and mga8!

CC: (none) => geiger.david68210

Comment 2 David Walser 2023-01-18 20:59:39 CET
jpegoptim-1.5.1-1.mga8

from jpegoptim-1.5.1-1.mga8.src.rpm

Version: Cauldron => 8
Assignee: bugsquad => qa-bugs
Status comment: Fixed upstream in 1.5.1 => (none)
Whiteboard: MGA8TOO => (none)

Comment 3 Herman Viaene 2023-01-19 13:42:40 CET
MGA8-64 MATE on Acer Aspire 5253
No installation issues
No wiki, no previous updates, found https://www.mankier.com/1/jpegoptim and tried command
$ jpegoptim -d testjpegopt/ -v -m 100 D053.jpg  D078.jpg  flipped.jpg  withcomment.jpg  work1.jpg  work2.jpg  work3.jpg  work4.jpg
Image quality limit set to: 100
D053.jpg 1656x988 24bit N JFIF  [OK] (retry w/lossless) 125813 --> 116929 bytes (7.06%), optimized.
D078.jpg 903x988 24bit N Exif JFIF  [OK] (retry w/lossless) 99741 --> 87785 bytes (11.99%), optimized.
flipped.jpg 903x988 24bit N JFIF  [OK] (retry w/lossless) 99759 --> 87824 bytes (11.96%), optimized.
withcomment.jpg 1656x988 24bit N JFIF  [OK] (retry w/lossless) 125827 --> 116943 bytes (7.06%), optimized.
work1.jpg 988x1656 24bit N JFIF  [OK] (retry w/lossless) 124326 --> 115552 bytes (7.06%), optimized.
work2.jpg 988x1656 24bit N JFIF  [OK] (retry w/lossless) 124367 --> 115563 bytes (7.08%), optimized.
work3.jpg 1656x988 24bit N JFIF  [OK] (retry w/lossless) 125857 --> 117003 bytes (7.03%), optimized.
work4.jpg 812x648 24bit N JFIF  [OK] (retry w/lossless) 47818 --> 44914 bytes (6.07%), optimized.
And indeed, size was reduced and at the same time in plain view and zoomed in, the resulting pictures seem somewhat crispier in details.
Fine with me.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 4 Thomas Andrews 2023-01-19 14:01:00 CET
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Dave Hodgins 2023-01-24 02:15:08 CET

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 5 Mageia Robot 2023-01-24 09:00:50 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0023.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

