/[advisories]/24586.adv
ViewVC logotype

Annotation of /24586.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8414 - (hide annotations) (download)
Thu Apr 4 12:58:54 2019 UTC (3 months, 1 week ago) by davidwhodgins
File size: 725 byte(s)
Adding security advisory for cfitsio mga#24586
1 davidwhodgins 8414 type: security
2     subject: Updated cfitsio packages fix security vulnerability
3     CVE:
4     - CVE-2018-3846
5     - CVE-2018-3848
6     - CVE-2018-3849
7     src:
8     6:
9     core:
10     - cfitsio-3.430-1.1.mga6
11     description: |
12     CVE-2018-3846: Unsafe use of sprintf() can allow a remote unauthenticated
13     attacker to execute arbitrary code
14     CVE-2018-3848: Stack-based buffer overflow in ffghbn() allows for
15     potential code execution
16     CVE-2018-3849: Stack-based buffer overflow in ffghtb() allows for
17     potential code execution
18     references:
19     - https://bugs.mageia.org/show_bug.cgi?id=24586
20     - https://bugzilla.redhat.com/show_bug.cgi?id=1563915
21     - https://bugzilla.redhat.com/show_bug.cgi?id=1568184
22     - https://bugzilla.redhat.com/show_bug.cgi?id=1568189

  ViewVC Help
Powered by ViewVC 1.1.26