SciLinux: SLSA-2018-3246-1 Low: libcdio on SL7.x x86_64
libcdio: Heap-based buffer over-read in print_iso9660_recurse function in iso-info.c (CVE-2017-18198) * libcdio: NULL pointer dereference in realloc_symlink in rock.c (CVE-2017-181...
Summary
Low: libcdio security update
Security Fixes
* libcdio: Heap-based buffer over-read in print_iso9660_recurse function
in iso-info.c (CVE-2017-18198)
* libcdio: NULL pointer dereference in realloc_symlink in rock.c
(CVE-2017-18199)
* libcdio: Double free in get_cdtext_generic() in
lib/driver/_cdio_generic.c (CVE-2017-18201)
SL7
x86_64
libcdio-0.92-3.el7.i686.rpm
libcdio-0.92-3.el7.x86_64.rpm
libcdio-debuginfo-0.92-3.el7.i686.rpm
libcdio-debuginfo-0.92-3.el7.x86_64.rpm
libcdio-devel-0.92-3.el7.i686.rpm
libcdio-devel-0.92-3.el7.x86_64.rpm
- Scientific Linux Development Team
Severity
Advisory ID: SLSA-2018:3246-1
Issued Date: : 2018-10-30
CVE Numbers: CVE-2017-18198
CVE-2017-18199
CVE-2017-18201
