MGASA-2021-0332
- Source
- https://advisories.mageia.org/MGASA-2021-0332.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0332.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2021-0332
- Related
- Published
- 2021-07-10T12:56:54Z
- Modified
- 2021-07-10T11:37:06Z
- Summary
- Updated htmldoc packages fix security vulnerabilities
- Details
-
Updated htmldoc packages fix security vulnerabilities:
Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181 (CVE-2021-20308).
AddressSanitizer: double-free in function pspdf_export ps-pdf.cxx (CVE-2021-23158).
AddressSanitizer: heap-buffer-overflow in pspdfprepareoutpages() in ps-pdf.cxx (CVE-2021-23165).
AddressSanitizer: SEGV in file_extension file.c (CVE-2021-23180).
AddressSanitizer: SEGV on unknown address 0x000000000014 (CVE-2021-23191).
AddressSanitizer: stack-buffer-overflow in parse_table ps-pdf.cxx (CVE-2021-23206).
AddressSanitizer: heap-buffer-overflow in pspdfpreparepage(int) ps-pdf.cxx (CVE-2021-26252).
AddressSanitizer: heap-buffer-overflow on rendertablerow() ps-pdf.cxx (CVE-2021-26259).
SEGV on unknown address 0x000000000000 (CVE-2021-26948).
- References
-
- https://advisories.mageia.org/MGASA-2021-0332.html
- https://bugs.mageia.org/show_bug.cgi?id=29161
- https://bugs.mageia.org/show_bug.cgi?id=29101
- https://www.debian.org/security/2021/dsa-4928
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RXMQHLXPNKTCGM4HNTMLHF7NWL3ZXKIO/
- Credits
-
-
- Mageia - COORDINATOR
-