type: security subject: Updated netpbm packages fix security vulnerability CVE: - CVE-2018-8975 src: 6: core: - netpbm-10.73.07-1.1.mga6 description: | The pm_mallocarray2 function allowed remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file (CVE-2018-8975). references: - https://bugs.mageia.org/show_bug.cgi?id=24753 - https://lists.opensuse.org/opensuse-updates/2019-04/msg00113.html ID: MGASA-2019-0183