Overview

File _patchinfo of Package patchinfo.8964

<patchinfo incident="8964">
  <issue tracker="bnc" id="1108813">VUL-0: lcms2: CVE-2018-16435 lcms2: heap-based buffer overflow in SetData function in cmsIT8LoadFromFile</issue>
  <issue tracker="cve" id="2018-16435"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>sbrabec</packager>
  <description>This update for lcms2 fixes the following issues:

- CVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. (bsc#1108813)
</description>
  <summary>Security update for lcms2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places