Updated patch packages fix security vulnerabilities
Publication date: 14 Jun 2018Modification date: 14 Jun 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2016-10713 , CVE-2018-6951 , CVE-2018-1000156
Description
Updated patch package fixes security vulnerabilities: It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service (CVE-2016-10713). It was discovered that Patch incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service (CVE-2018-6951). It was discovered that Patch incorrectly handled certain input validation. An attacker could possibly use this to execute arbitrary code (CVE-2018-1000156).
References
SRPMS
5/core
- patch-2.7.6-1.mga5
6/core
- patch-2.7.6-1.mga6