{
  "schema_version": "1.6.2",
  "id": "MGASA-2017-0222",
  "published": "2017-07-28T18:12:15Z",
  "modified": "2017-07-27T20:48:38Z",
  "summary": "Updated valgrind packages fix security vulnerabilities",
  "details": "It was discovered that Valgrind incorectly handled certain string\noperations. If a user or automated system were tricked into processing\na specially crafted binary, a remote attacker could possibly execute\narbitrary code (CVE-2016-2226).\n\nIt was discovered that Valgrind incorrectly handled parsing certain\nbinaries. If a user or automated system were tricked into processing a\nspecially crafted binary, a remote attacker could use this issue to\ncause Valgrind to crash, resulting in a denial of service\n(CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490,\nCVE-2016-4491, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131).\n",
  "related": [
    "CVE-2016-2226",
    "CVE-2016-4487",
    "CVE-2016-4488",
    "CVE-2016-4489",
    "CVE-2016-4490",
    "CVE-2016-4491",
    "CVE-2016-4492",
    "CVE-2016-4493",
    "CVE-2016-6131"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2017-0222.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=21126"
    },
    {
      "type": "REPORT",
      "url": "https://www.ubuntu.com/usn/usn-3337-1/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "valgrind",
        "purl": "pkg:rpm/mageia/valgrind?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.10.1-2.1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}