Advisories » MGASA-2022-0066

Updated nas packages fix security vulnerability

Publication date: 18 Feb 2022
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 8

Description

Stack-based buffer overflow in auphone.c that can be triggered by an
environment variable.

Also, the x11-util-cf-files package has been patched to allow building nas.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=30020
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQX5YL7OVJTMPDFFPFACDNNE2LEUDC3J/
• https://sourceforge.net/p/nas/bugs/8/
• https://bugzilla.redhat.com/show_bug.cgi?id=1943020

SRPMS

8/core

• nas-1.9.4-11.1.mga8
• x11-util-cf-files-1.0.6-5.1.mga8