Updated libcaca packages fix security vulnerabilities
Publication date: 23 Jan 2019Modification date: 23 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-20544 , CVE-2018-20545 , CVE-2018-20546 , CVE-2018-20547 , CVE-2018-20548 , CVE-2018-20549
Description
It was discovered that libcaca incorrectly handled certain images. An
attacker could possibly use this issue to cause a denial of service
(CVE-2018-20544).
It was discovered that libcaca incorrectly handled certain images. An
attacker could possibly use this issue to execute arbitrary code
(CVE-2018-20545, CVE-2018-20548, CVE-2018-20459).
It was discovered that libcaca incorrectly handled certain images. An
attacker could possibly use this issue to access sensitive information
(CVE-2018-20546, CVE-2018-20547).
References
- https://bugs.mageia.org/show_bug.cgi?id=24208
- https://usn.ubuntu.com/3860-1/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20544
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20545
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20546
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20547
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20548
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20549
SRPMS
6/core
- libcaca-0.99-0.beta18.13.1.mga6