MGASA-2017-0137

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0137.html

Import Source

https://advisories.mageia.org/MGASA-2017-0137.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0137

Related

CVE-2017-7875

Published

2017-05-10T20:47:44Z

Modified

2017-05-10T20:29:20Z

Summary

Updated feh package fixes security vulnerability

Details

Updated feh package to fix a double-free/OOB-write in E17 IPC. This was a potential security issue as a malicious X11 app running alongside feh and pretending to be an E17 window manager could have had access to out-of-bound memory. Security vulnerability: CVE-2017-7875

References

https://advisories.mageia.org/MGASA-2017-0137.html
https://bugs.mageia.org/show_bug.cgi?id=20775
https://feh.finalrewind.org/
https://lists.opensuse.org/opensuse-updates/2017-05/msg00000.html

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0137

Affected packages