Updated gifsicle package fixes security vulnerability
Publication date: 14 Jun 2018Modification date: 14 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-18120
Description
Updated gifsicle package fixes security vulnerability:
A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows
a remote attacker to cause a denial-of-service attack or unspecified other
impact via a maliciously crafted file, because last_name is mishandled
(CVE-2017-18120).
References
SRPMS
6/core
- gifsicle-1.88-1.2.mga6