MGASA-2017-0447

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2017-0447.html
Import Source
https://advisories.mageia.org/MGASA-2017-0447.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2017-0447
Related
Published
2017-12-10T20:49:50Z
Modified
2017-12-10T20:28:11Z
Summary
Updated optipng packages fix security vulnerability
Details
  • CVE-2017-1000229: Fix integer overflow bug in function minitiffreadinfo() allows an attacker to remotely execute code or cause denial of service.
  • CVE-2017-16938: Fix a global buffer overflow that allows attackers to cause DoS via a maliciously crafted GIF file.
References
Credits

Affected packages

Mageia:5 / optipng

Package

Name
optipng
Purl
pkg:rpm/mageia/optipng?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.6-1.1.mga5

Ecosystem specific 

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2017-0447.json"

Mageia:6 / optipng

Package

Name
optipng
Purl
pkg:rpm/mageia/optipng?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.6-1.1.mga6

Ecosystem specific 

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2017-0447.json"