advisories/27953.adv

type: security
subject: Updated blosc packages fix a security vulnerability
CVE:
 - CVE-2020-29367
src:
  7:
   core:
     - blosc-1.20.1-1.mga7
description: |
  A heap-based buffer overflow vulnerability was found in the blosc library.
  Depending on how the library is used, if there is a lack of space to write
  compressed data, an attacker might exploit this flaw to crash the program or
  potentially execute arbitrary code (CVE-2020-29367).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=27953
 - https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VPTII3AXCRZZGBCOLCFY7HQI24L2PGVQ/
ID: MGASA-2021-0051
1	type: security
2	subject: Updated blosc packages fix a security vulnerability
3	CVE:
4	- CVE-2020-29367
5	src:
6	7:
7	core:
8	- blosc-1.20.1-1.mga7
9	description: \|
10	A heap-based buffer overflow vulnerability was found in the blosc library.
11	Depending on how the library is used, if there is a lack of space to write
12	compressed data, an attacker might exploit this flaw to crash the program or
13	potentially execute arbitrary code (CVE-2020-29367).
14	references:
15	- https://bugs.mageia.org/show_bug.cgi?id=27953
16	- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VPTII3AXCRZZGBCOLCFY7HQI24L2PGVQ/
17	ID: MGASA-2021-0051