Updated graphviz packages fix security vulnerability
Publication date: 11 Jul 2018Modification date: 11 Jul 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-10196
Description
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file. (CVE-2018-10196)
References
SRPMS
5/core
- graphviz-2.38.0-10.1.mga5
6/core
- graphviz-2.38.0-20.1.mga6