Updated libvdpau packages fix security vulnerabilities
Publication date: 13 Sep 2015Modification date: 13 Sep 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-5198 , CVE-2015-5199 , CVE-2015-5200
Description
Updated libvdpau packages fix security vulnerabilities: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files (CVE-2015-5198, CVE-2015-5199, and CVE-2015-5200).
References
SRPMS
4/core
- libvdpau-1.1.1-1.mga4
5/core
- libvdpau-1.1.1-1.mga5