/[advisories]/24586.adv
ViewVC logotype

Annotation of /24586.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8435 - (hide annotations) (download)
Fri Apr 5 17:37:49 2019 UTC (5 months, 1 week ago) by tmb
File size: 745 byte(s)
MGASA-2019-0133: cfitsio-3.430-1.1.mga6
1 davidwhodgins 8414 type: security
2     subject: Updated cfitsio packages fix security vulnerability
3     CVE:
4     - CVE-2018-3846
5     - CVE-2018-3848
6     - CVE-2018-3849
7     src:
8     6:
9     core:
10     - cfitsio-3.430-1.1.mga6
11     description: |
12     CVE-2018-3846: Unsafe use of sprintf() can allow a remote unauthenticated
13     attacker to execute arbitrary code
14     CVE-2018-3848: Stack-based buffer overflow in ffghbn() allows for
15     potential code execution
16     CVE-2018-3849: Stack-based buffer overflow in ffghtb() allows for
17     potential code execution
18     references:
19     - https://bugs.mageia.org/show_bug.cgi?id=24586
20     - https://bugzilla.redhat.com/show_bug.cgi?id=1563915
21     - https://bugzilla.redhat.com/show_bug.cgi?id=1568184
22     - https://bugzilla.redhat.com/show_bug.cgi?id=1568189
23 tmb 8435 ID: MGASA-2019-0133

  ViewVC Help
Powered by ViewVC 1.1.26