libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. An attacker can use this flaw to crash the application.
Created libjpeg-turbo tracking bugs for this issue:
Affects: fedora-all [bug 1475744]
Created mingw-libjpeg-turbo tracking bugs for this issue:
Affects: epel-7 [bug 1475746]
Affects: fedora-all [bug 1475745]