Advisories » MGASA-2020-0076

Updated mgetty packages fix security vulnerability

Publication date: 09 Feb 2020
Modification date: 09 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-1010189

Description

Updated mgetty package fixes security vulnerability:

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact
is: DoS, the program does never terminates. The component is: g3/g32pbm.c.
The attack vector is: Local, the user should open a specially crafted file
(CVE-2019-1010189).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25941
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YH7KTF6IB4LZURQHCOICNVE6YDAIHV62
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010189

SRPMS

7/core

• mgetty-1.2.1-1.mga7