Updated advancecomp packages fix security vulnerability
Publication date: 05 Jan 2020Modification date: 05 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-8383
Description
Updated advancecomp package fixes security vulnerability:
An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address
occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by
sending a crafted file to a binary. It allows an attacker to cause a Denial of
Service (Segmentation fault) or possibly have unspecified other impact when a
victim opens a specially crafted file (CVE-2019-8383).
References
SRPMS
7/core
- advancecomp-2.1-4.1.mga7