1 |
type: security |
2 |
subject: Updated advancecomp packages fix security vulnerability |
3 |
CVE: |
4 |
- CVE-2019-9210 |
5 |
src: |
6 |
6: |
7 |
core: |
8 |
- advancecomp-1.20-3.3.mga6 |
9 |
description: | |
10 |
advancecomp has been updated to fix a security issue that could be |
11 |
triggered when pressented with a malformed PNG file. advancecomp |
12 |
contained an integer overflow upon encountering an invalid PNG size, which |
13 |
could result in a buffer overflow (CVE-2019-9210), as well as a heap-based |
14 |
buffer over-read. |
15 |
references: |
16 |
- https://bugs.mageia.org/show_bug.cgi?id=24535 |
17 |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DPZCDOUS5QYMW45SCXCDPCWKC4QVMPLU/ |
18 |
ID: MGASA-2019-0128 |