Advisories » MGASA-2019-0183

Updated netpbm packages fix security vulnerability

Publication date: 19 May 2019
Modification date: 19 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-8975

Description

The pm_mallocarray2 function allowed remote attackers to cause a denial of
service (heap-based buffer over-read) via a crafted image file
(CVE-2018-8975).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24753
• https://lists.opensuse.org/opensuse-updates/2019-04/msg00113.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8975

SRPMS

6/core

• netpbm-10.73.07-1.1.mga6