Advisories » MGASA-2019-0013

Updated libextractor packages fix security vulnerabilities

Publication date: 05 Jan 2019
Modification date: 05 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-20430 , CVE-2018-20431

Description

Several vulnerabilities were discovered in libextractor which may lead
to denial of service or memory disclosure if a malformed OLE file is
processed (CVE-2018-20430, CVE-2018-20431).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24093
• https://www.debian.org/security/2018/dsa-4361
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20430
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20431

SRPMS

6/core

• libextractor-1.7-1.1.mga6