Advisories ยป MGASA-2016-0288

Updated bsdiff packages fix security vulnerability

Publication date: 31 Aug 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2014-9862

Description

Integer signedness error in bspatch.c in bspatch in bsdiff allows remote
attackers to execute arbitrary code or cause a denial of service
(heap-based buffer overflow) via a crafted patch file (CVE-2014-9862).
                

References

SRPMS

5/core