Advisories ยป MGASA-2021-0250

Updated gnuchess package fix a security vulnerability

Publication date: 13 Jun 2021
Modification date: 13 Jun 2021
Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2021-30184

Description

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN 
(Portable Game Notation) data. This is related to a buffer overflow in the 
use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay 
functions in frontend/cmd.cc. (CVE-2021-30184).
                

References

SRPMS

7/core

8/core