Advisories ยป MGASA-2021-0226

Updated libebml packages fix security vulnerabilities

Publication date: 08 Jun 2021
Modification date: 07 Jun 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2021-3405

Description

Updated libebml packages fix security vulnerabilities:

Heap use-after-free when parsing malformed file.

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml (CVE-2021-3405). 

The mkvtoolnix, libmatroska packages have been rebuilt for the
updated libebml.
                

References

SRPMS

7/core