Updated graphviz packages fix CVE-2014-9157
Publication date: 09 Dec 2014Modification date: 09 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9157
Description
Updated graphviz packages fix security vulnerability: Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string (CVE-2014-9157).
References
SRPMS
4/core
- graphviz-2.34.0-6.1.mga4