Advisories » MGASA-2016-0366

This update of rpm fixes several security issues

Publication date: 04 Nov 2016
Modification date: 04 Nov 2016
Type: security
Affected Mageia releases : 5
CVE: 2014-8118 , 2013-6435

Description

All of those fixes were already backported in Mageia but for :
- Fix out-of-bounds read on signature checking of malformed package (RhBug:1373107)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19710
• http://rpm.org/wiki/Releases/4.12.0.2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-8118
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-6435

SRPMS

5/core

• rpm-4.12.0.2-1.7.mga5