Advisories » MGASA-2015-0474

Updated potrace packages fix security vulnerabilities

Publication date: 16 Dec 2015
Modification date: 16 Dec 2015
Type: security
Affected Mageia releases : 5

Description

Potrace before 1.13 has some critical bugs in the processing of BMP files.
These bugs allowed the program to be crashed, or potentially to be abused in
other ways, by feeding it specially crafted BMP files, due to heap overflow,
null pointer dereference, and divide by zero issues.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17317
• http://potrace.sourceforge.net/NEWS
• https://lists.fedoraproject.org/pipermail/package-announce/2015-December/173441.html

SRPMS

5/core

• potrace-1.13-1.mga5