Updated transfig package fix security vulnerability
Publication date: 25 Dec 2017Modification date: 25 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-16899
Description
An out-of-bounds read flaw was found in the way fig2dev program in Xfig handled the processing of Fig format files. This flaw could potentially be used to crash the fig2dev program by tricking it into processing specially crafted Fig format files (CVE-2017-16899).
References
SRPMS
6/core
- transfig-3.2.5d-9.1.mga6
5/core
- transfig-3.2.5d-8.1.mga5