[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: libcaca vulnerable to CVE-2021-3410
From: |
Léo Le Bouter |
Subject: |
Re: libcaca vulnerable to CVE-2021-3410 |
Date: |
Tue, 09 Mar 2021 07:19:52 +0100 |
User-agent: |
Evolution 3.34.2 |
On Wed, 2021-03-03 at 21:48 +0100, Léo Le Bouter wrote:
> CVE-2021-3410 24.02.21 00:15
> A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in
> caca_resize function in libcaca/caca/canvas.c may lead to local
> execution of arbitrary code in the user context.
>
> libcaca has not made a release yet, so you need to look upstream and
> cherry-pick the commits.
>
> See https://github.com/cacalabs/libcaca/issues/52
Fixed at fe830ffd8d761cee27edd069e3d99c1ab891cbf3 by Efraim Flashner <
efraim@flashner.co.il>
Thanks
signature.asc
Description: This is a digitally signed message part