{ "schema_version": "1.7.0", "id": "MGASA-2022-0066", "published": "2022-02-18T00:14:24Z", "modified": "2022-02-17T23:28:27Z", "summary": "Updated nas packages fix security vulnerability", "details": "Stack-based buffer overflow in auphone.c that can be triggered by an\nenvironment variable.\n\nAlso, the x11-util-cf-files package has been patched to allow building nas.\n", "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2022-0066.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=30020" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQX5YL7OVJTMPDFFPFACDNNE2LEUDC3J/" }, { "type": "REPORT", "url": "https://sourceforge.net/p/nas/bugs/8/" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943020" } ], "affected": [ { "package": { "ecosystem": "Mageia:8", "name": "nas", "purl": "pkg:rpm/mageia/nas?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.9.4-11.1.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "x11-util-cf-files", "purl": "pkg:rpm/mageia/x11-util-cf-files?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.0.6-5.1.mga8" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }