|
|
Subscribe / Log in / New account

Mageia alert MGASA-2016-0297 (eog)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2016-0297: Updated eog packages fix security vulnerability 


Date:
    	      Wed, 31 Aug 2016 19:34:43 +0200


Message-ID:
    	      <20160831173443.1518B9F789@duvel.mageia.org>


MGASA-2016-0297 - Updated eog packages fix security vulnerability

Publication date: 31 Aug 2016
URL: http://advisories.mageia.org/MGASA-2016-0297.html

Type: security
Affected Mageia releases: 5
CVE: CVE-2016-6855

Description:
An out-of-bounds write vulnerability in eog was found when processing specially
crafted SVG file. Due to passing the error message containing invalid UTF-8
character to GMarkup, out-of-bounds access is triggered (CVE-2016-6855).

References:
- https://bugs.mageia.org/show_bug.cgi?id=19244

-
https://lists.fedoraproject.org/archives/list/package-ann...
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6855


SRPMS:
- 5/core/eog-3.14.3-1.2.mga5
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds