Advisories » MGASA-2018-0464

Updated gettext packages fix security vulnerability

Publication date: 21 Nov 2018
Modification date: 21 Nov 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-18751

Description

An issue was discovered in GNU gettext 0.19.8. There is a double free in
default_add_message in read-catalog.c, related to an invalid free in
po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
(CVE-2018-18751)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23843
• https://usn.ubuntu.com/3815-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18751

SRPMS

6/core

• gettext-0.19.8.1-1.1.mga6