Advisories ยป MGASA-2024-0353

Updated htmldoc packages fix security vulnerabilities

Publication date: 09 Nov 2024
Modification date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45508 , CVE-2024-46478

Description

HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in
ps-pdf.cxx because of an attempt to strip leading whitespace from a
whitespace-only node. (CVE-2024-45508)
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre
function,ps-pdf.cxx:5681. (CVE-2024-46478)

References

SRPMS

9/core