MGASA-2022-0186

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0186.html

Import Source

https://advisories.mageia.org/MGASA-2022-0186.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0186

Related

CVE-2017-9814

Published

2022-05-15T10:06:40Z

Modified

2022-05-15T09:20:45Z

Summary

Updated cairo packages fix security vulnerability

Details

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. (CVE-2017-9814)

References

https://advisories.mageia.org/MGASA-2022-0186.html
https://bugs.mageia.org/show_bug.cgi?id=30412
https://ubuntu.com/security/notices/USN-5407-1

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0186

Affected packages