Updated radare2 packages fix security vulnerabilities:
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of missing length validation in libr/egg/egg.c (CVE-2019-12790).
In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg) (CVE-2019-12802).
In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command (CVE-2019-12865).
By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables (CVE-2019-14745).
The radare2 package has been updated to version 3.9.0, fixing these issues and other bugs.
Also, the radare2-cutter package has been updated to version 1.9.0.