MGASA-2014-0520

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0520.html

Import Source

https://advisories.mageia.org/MGASA-2014-0520.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0520

Related

CVE-2014-9157

Published

2014-12-09T20:12:41Z

Modified

2014-12-09T20:04:22Z

Summary

Updated graphviz packages fix CVE-2014-9157

Details

Updated graphviz packages fix security vulnerability:

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string (CVE-2014-9157).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / graphviz

Package

Name: graphviz
Purl: pkg:rpm/mageia/graphviz?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.34.0-6.1.mga4

Ecosystem specific

{
    "section": "core"
}