Updated abcm2ps packages fix security vulnerability
Publication date: 24 Mar 2022Modification date: 24 Mar 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-32434 , CVE-2021-32435 , CVE-2021-32436
Description
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. (CVE-2021-32434) Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. (CVE-2021-32435) An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. (CVE-2021-32436)
References
- https://bugs.mageia.org/show_bug.cgi?id=30195
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6333SXWMES3K22DBAOAW34G6EU6WIJEY/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32434
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32435
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32436
SRPMS
8/core
- abcm2ps-8.14.13-1.mga8