Updated jbig2dec packages fix security vulnerability
Publication date: 03 Jan 2018Modification date: 03 Jan 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-9216
Description
libjbig2dec.a in Artifex jbig2dec 0.13 has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file (CVE-2017-9216).
References
SRPMS
6/core
- jbig2dec-0.14-1.mga6
5/core
- jbig2dec-0.14-1.mga5