Advisories » MGASA-2019-0235

Updated pango packages fix security vulnerability

Publication date: 31 Aug 2019
Modification date: 31 Aug 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-1010238

Description

Updated pango package fixes security vulnerability:

It was discovered that pango was subject to a heap based buffer overflow
vulnerability which could be used to get code execution (CVE-2019-1010238).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25288
• https://usn.ubuntu.com/4081-1/
• https://www.debian.org/security/2019/dsa-4496
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010238

SRPMS

7/core

• pango-1.43.0-3.1.mga7