Advisories » MGASA-2017-0175

Updated libcryptopp packages fix security vulnerability

Publication date: 14 Jun 2017
Modification date: 14 Jun 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-9434

Description

Crypto++'s Zinflate class, used by classes like Gunzip and Inflator, could
perform an out-of-bounds read when decompressing data (CVE-2017-9434).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21029
• http://openwall.com/lists/oss-security/2017/06/06/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9434

SRPMS

5/core

• libcryptopp-5.6.3-1.4.mga5