Advisories » MGASA-2024-0087

Updated freeimage packages fix security vulnerabilities

Publication date: 24 Mar 2024
Modification date: 24 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-47995 , CVE-2023-47997

Description

Buffer Overflow vulnerability in FreeImage_AllocateBitmap.
(CVE-2023-47995)
Infinite loop exits in Load in PluginTIFF.cpp. (CVE-2023-47997)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32988
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLDUDJOWZAKBQMQ7XYNJTRCFPOB56BOE/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47995
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47997

SRPMS

9/core

• freeimage-3.18.0-10.1.mga9