DescriptionThe ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having low severity.SUSE Bugzilla entries: 1108480 [RESOLVED / FIXED], 1108672 SUSE Security Advisories:
- openSUSE-SU-2018:2827-1, published Mon, 24 Sep 2018 15:15:30 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 15.0|| ||Patchnames:
|openSUSE Leap 42.3|| ||Patchnames: