MGASA-2016-0341

Source
https://advisories.mageia.org/MGASA-2016-0341.html
Import Source
https://advisories.mageia.org/MGASA-2016-0341.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2016-0341
Related
Published
2016-10-12T15:09:49Z
Modified
2016-10-13T11:56:00Z
Summary
Updated libass packages fixes security vulnerabilities
Details

Amount of memory allocated during memory reallocation in the shaper wasn't tracked, possibly resulting in undefined behavior (CVE-2016-7972).

Illegal read in Gaussian blur coefficient calculations (CVE-2016-7970).

Mode 0/3 line wrapping equalization in specific cases could result in illegal reads while laying out and shaping text. (CVE-2016-7969)

The libass package has been updated to version 0.13.4, fixing this issue and several other bugs.

References
Credits

Affected packages

Mageia:5 / libass

Package

Name
libass
Purl
pkg:rpm/mageia/libass?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.13.4-1.mga5

Ecosystem specific

{
    "section": "core"
}