MGASA-2016-0427

Source
https://advisories.mageia.org/MGASA-2016-0427.html
Import Source
https://advisories.mageia.org/MGASA-2016-0427.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2016-0427
Related
Published
2016-12-29T10:29:11Z
Modified
2016-12-29T10:17:07Z
Summary
Updated libgsf packages fix security vulnerability
Details

An error within the "tardirectoryfor_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file (CVE-2016-9888).

References
Credits

Affected packages

Mageia:5 / libgsf

Package

Name
libgsf
Purl
pkg:rpm/mageia/libgsf?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.14.31-1.1.mga5

Ecosystem specific

{
    "section": "core"
}