Advisories ยป MGASA-2017-0447

Updated optipng packages fix security vulnerability

Publication date: 10 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-1000229 , CVE-2017-16938

Description

- CVE-2017-1000229: Fix integer overflow bug in function
  minitiff_read_info() allows an attacker to remotely execute code or
  cause denial of service.
- CVE-2017-16938: Fix a global buffer overflow that allows attackers to
  cause DoS via a maliciously crafted GIF file.
                

References

SRPMS

6/core

5/core