Updated xfig packages fix security vulnerability
Publication date: 18 Mar 2023Modification date: 18 Mar 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-40241
Description
A potential buffer overflow exists in the file src/w_help.c at line 55. Specifically, the length of the string returned by getenv("LANG") may become very long and cause a buffer overflow while executing the sprintf() function. This vulnerability could potentially allow an attacker to execute arbitrary code or cause a denial-of-service condition. (CVE-2021-40241)
References
SRPMS
8/core
- xfig-3.2.7b-1.1.mga8