Advisories ยป MGASA-2018-0280

Updated gifsicle package fixes security vulnerability

Publication date: 14 Jun 2018
Modification date: 14 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-18120

Description

Updated gifsicle package fixes security vulnerability:

A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows
a remote attacker to cause a denial-of-service attack or unspecified other
impact via a maliciously crafted file, because last_name is mishandled
(CVE-2017-18120).
                

References

SRPMS

6/core