Advisories » MGASA-2024-0159

Updated guava packages fix security vulnerabilities

Publication date: 30 Apr 2024
Modification date: 30 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2020-8908 , CVE-2023-2976

Description

A bug that could allow an attacker with access to the machine to
potentially access data in a temporary directory created by the Guava.
(CVE-2020-8908)
Predictable temporary files and directories used in
FileBackedOutputStream. (CVE-2023-2976)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33071
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2976

SRPMS

9/core

• guava-32.0.1-1.mga9