Overview

File _patchinfo of Package patchinfo.10050

<patchinfo incident="10050">
  <issue tracker="bnc" id="1120470">VUL-1: CVE-2018-20549: libcaca: An integer overflow due to an illegal write in caca/file.c (function caca_file_read)</issue>
  <issue tracker="bnc" id="1120584">VUL-1: CVE-2018-20545: libcaca: There is an illegal WRITE memory access at common-image.c in load_image  for 4bpp data</issue>
  <issue tracker="bnc" id="1120504">VUL-1: CVE-2018-20547: libcaca: illegal READ memory access at caca/dither.c for 24bpp data</issue>
  <issue tracker="bnc" id="1120502">VUL-1: CVE-2018-20544: libcaca: floating point exception at caca/dither.c</issue>
  <issue tracker="bnc" id="1120503">VUL-1: CVE-2018-20546: libcaca: illegal READ memory access at caca/dither.c for the default bpp case</issue>
  <issue tracker="bnc" id="1120589">VUL-1: CVE-2018-20548: libcaca: There is an illegal WRITE memory access at common-image.c in load_image for 1bpp data</issue>
  <issue tracker="cve" id="2018-20547"/>
  <issue tracker="cve" id="2018-20546"/>
  <issue tracker="cve" id="2018-20545"/>
  <issue tracker="cve" id="2018-20544"/>
  <issue tracker="cve" id="2018-20549"/>
  <issue tracker="cve" id="2018-20548"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>jmoellers</packager>
  <description>This update for libcaca fixes the following issues:

Security issues fixed:

- CVE-2018-20544: Fixed a floating point exception at caca/dither.c (bsc#1120502)
- CVE-2018-20545: Fixed a WRITE memory access in the load_image function at common-image.c for 4bpp (bsc#1120584)
- CVE-2018-20546: Fixed a READ memory access in the get_rgba_default function at caca/dither.c for bpp (bsc#1120503)
- CVE-2018-20547: Fixed a READ memory access in the get_rgba_default function at caca/dither.c for 24bpp (bsc#1120504)
- CVE-2018-20548: Fixed a WRITE memory access in the load_image function at common-image.c for 1bpp (bsc#1120589)
- CVE-2018-20549: Fixed a WRITE memory access in the caca_file_read function at caca/file.c (bsc#1120470)
</description>
  <summary>Security update for libcaca</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places