Updated libgsf packages fix security vulnerability
Publication date: 29 Dec 2016Modification date: 29 Dec 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-9888
Description
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file (CVE-2016-9888).
References
SRPMS
5/core
- libgsf-1.14.31-1.1.mga5