Advisories ยป MGASA-2015-0482

Updated dpkg packages fix CVE-2015-0860

Publication date: 23 Dec 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-0860

Description

Updated dpkg packages fix security vulnerability:

Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component
of dpkg. This flaw could potentially lead to arbitrary code execution if a user
or an automated system were tricked into processing a specially crafted Debian
binary package (.deb) in the old style Debian binary package format
(CVE-2015-0860).
                

References

SRPMS

5/core