Security update for cfitsio
This update for cfitsio fixes the following issues:
Security issues fixed:
- CVE-2018-1000166: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code (boo#1088590)
This update to version 3.430 also contains a number of upstream bug fixes.
The following tracked packaging changes are included:
- boo#1082318: package licence text as license, not as documentation
- Submitted by Asterios Dramis (adra)
Fixed bugs
bnc#1088590
VUL-0: CVE-2018-1000166: cfitsio: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code
bnc#1082318
Packages must not mark license files as %doc