AXSA:2019-4113:01

Release date: 
Monday, August 19, 2019 - 19:13
Subject: 
libwpd-0.10.0-2.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

libwpd is a library for reading and converting Corel WordPerfect Office documents.

Security Fix(es):

* libwpd: NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp (CVE-2018-19208)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2018-19208
In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libwpd-0.10.0-2.el7.src.rpm
    MD5: 1d27b63f4f5261e1f78a8e25670c37c7
    SHA-256: 510c6d1c4c00027c93ca43aa37c2a8f07600673e3a0b681131c28a0683dff75e
    Size: 505.75 kB

Asianux Server 7 for x86_64
  1. libwpd-0.10.0-2.el7.x86_64.rpm
    MD5: 254542ace7c7e594c1ea6cb8630120ea
    SHA-256: dc71784bb9919ecb8365c8b488d6175d1b4a9a85a8bf785e6f5ff578428c3da5
    Size: 234.63 kB
  2. libwpd-0.10.0-2.el7.i686.rpm
    MD5: ab67df0de6d21fc25b5750bd078f36f2
    SHA-256: ad440cb25a381e168520d52f436c342ba53dd3a20b3b968071dbd3381ef244be
    Size: 240.80 kB
Copyright© 2007-2015 Asianux. All rights reserved.