MGASA-2022-0260

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0260.html

Import Source

https://advisories.mageia.org/MGASA-2022-0260.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0260

Related

Published

2022-07-13T20:44:07Z

Modified

2022-07-13T19:53:39Z

Summary

Updated gerbv packages fix security vulnerability

Details

An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). (CVE-2021-40391)

An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). (CVE-2021-40393, CVE-2021-40394)

An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). (CVE-2021-40400)

A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. (CVE-2021-40401)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0260

Affected packages