MGASA-2021-0239
- Source
- https://advisories.mageia.org/MGASA-2021-0239.html
- Import Source
- https://advisories.mageia.org/MGASA-2021-0239.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2021-0239
- Related
- Published
- 2021-06-08T16:46:03Z
- Modified
- 2021-06-08T15:36:31Z
- Summary
- Updated cgal packages fix security vulnerabilities
- Details
-
Updated cgal packages fix security vulnerabilities:
An oob read vulnerability exists in Nef2/PMioparser.h PMioparser::readvertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28601).
An oob read vulnerability exists in NefS2/SNCioparser.h SNCioparser::readsloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28636).
An oob read vulnerability exists in NefS2/SNCioparser.h SNCioparser::readsloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-35628).
An oob read vulnerability exists in NefS2/SNCioparser.h SNCioparser::readsface() sfh->volume(). An attacker can provide malicious input to trigger this vulnerability (CVE-2020-35636).
The cgal package has been updated to version 5.2.1, fixing the issues and other bugs. The openfoam and openscad packages have been rebuilt against the updated cgal library.
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:8 / cgal
Package
- Name
- cgal
- Purl
- pkg:rpm/mageia/cgal?distro=mageia-8
Mageia:8 / openfoam
Package
- Name
- openfoam
- Purl
- pkg:rpm/mageia/openfoam?distro=mageia-8
Mageia:8 / openscad
Package
- Name
- openscad
- Purl
- pkg:rpm/mageia/openscad?distro=mageia-8