Updated openscad package fixes a security vulnerability
Publication date: 27 Mar 2021
Modification date: 27 Mar 2021
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2020-28599
Description
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability (CVE-2020-28599).
References
SRPMS
7/core
- openscad-2019.05-1.1.mga7
8/core
- openscad-2021.01-1.mga8