MGASA-2017-0058

Source
https://advisories.mageia.org/MGASA-2017-0058.html
Import Source
https://advisories.mageia.org/MGASA-2017-0058.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2017-0058
Related
Published
2017-02-20T13:00:19Z
Modified
2017-02-20T12:50:03Z
Summary
Updated netpbm packages fix security vulnerability
Details

Version 10.73.07 fixes security vulnerabilities:

  • Out-of-bounds write in writeRasterPbm() (CVE-2017-2581)
  • Out-of-bounds read in expandCodeOntoStack() (CVE-2017-2579)
  • Out-of-bounds write of heap data in addPixelToRaster() (CVE-2017-2580)
  • Null pointer dereference in stringToUint (CVE-2017-2586)
  • Insufficient size check of memory allocation in createCanvas() (CVE-2017-2587)
References
Credits

Affected packages

Mageia:5 / netpbm

Package

Name
netpbm
Purl
pkg:rpm/mageia/netpbm?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.73.07-1.mga5

Ecosystem specific

{
    "section": "core"
}