Advisories » MGASA-2020-0257

Updated xawtv packages fix security vulnerability

Publication date: 10 Jun 2020
Modification date: 10 Jun 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-13696

Description

Updated xawtv packages fix security vulnerability:

The v4l-conf program in xawtv allows users to determine the existence of
file names in directories they do not have access to, and allows a user
to have the system open files they do not have access to, though it does
not provide the user access to the file contents (CVE-2020-13696).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26736
• https://www.openwall.com/lists/oss-security/2020/06/04/6
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13696

SRPMS

7/core

• xawtv-3.107-1.1.mga7