MGASA-2021-0333

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2021-0333.html
Import Source
https://advisories.mageia.org/MGASA-2021-0333.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2021-0333
Related
Published
2021-07-10T20:00:34Z
Modified
2021-07-10T18:43:10Z
Summary
Updated libcroco and gettext packages fix security vulnerability
Details

libcroco through 0.6.13 has excessive recursion in crparserparseanycore in cr-parser.c, leading to stack consumption (CVE-2020-12825).

References
Credits

Affected packages

Mageia:7 / libcroco

Package

Name
libcroco
Purl
pkg:rpm/mageia/libcroco?distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.13-1.2.mga7

Ecosystem specific 

{
    "section": "core"
}

Mageia:7 / gettext

Package

Name
gettext
Purl
pkg:rpm/mageia/gettext?distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.19.8.1-4.1.mga7

Ecosystem specific 

{
    "section": "core"
}