Synopsis: Low: libcdio security update
Advisory ID: SLSA-2018:3246-1
Issue Date: 2018-10-30
CVE Numbers: CVE-2017-18198
CVE-2017-18199
CVE-2017-18201
—
Security Fix(es):
* libcdio: Heap-based buffer over-read in print_iso9660_recurse function
in iso-info.c (CVE-2017-18198)
* libcdio: NULL pointer dereference in realloc_symlink in rock.c
(CVE-2017-18199)
* libcdio: Double free in get_cdtext_generic() in
lib/driver/_cdio_generic.c (CVE-2017-18201)
—
SL7
x86_64
libcdio-0.92-3.el7.i686.rpm
libcdio-0.92-3.el7.x86_64.rpm
libcdio-debuginfo-0.92-3.el7.i686.rpm
libcdio-debuginfo-0.92-3.el7.x86_64.rpm
libcdio-devel-0.92-3.el7.i686.rpm
libcdio-devel-0.92-3.el7.x86_64.rpm
– Scientific Linux Development Team
