libcroco-0.6.12-4.el8.1
エラータID: AXSA:2020-499:01
Release date:
Wednesday, September 23, 2020 - 08:44
Subject:
libcroco-0.6.12-4.el8.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library.
Security Fix(es):
* libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-12825
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
Solution:
Update packages.
CVEs:
CVE-2020-12825
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
Additional Info:
N/A
Download:
SRPMS
- libcroco-0.6.12-4.el8.1.src.rpm
MD5: a57012dcafc96ba789577b2175089e7b
SHA-256: a90919d55ecfbd6f14f7ca8e33717822e3c54223e54e9b93fe40858d4b57db25
Size: 487.29 kB
Asianux Server 8 for x86_64
- libcroco-0.6.12-4.el8.1.x86_64.rpm
MD5: 46b7017ac1224b59bdb31981f9d672d2
SHA-256: f034818a30492b2556f67c5472f94c383dc541dcab82467dfa4cf998eec27b62
Size: 111.95 kB - libcroco-0.6.12-4.el8.1.i686.rpm
MD5: 355b1c253b80797f0625a8d4f5a42da9
SHA-256: 7aa7b7ef6402438a70c580e4c02aa85f24cd7a26cb300dca48dd5a57980a50f2
Size: 119.73 kB
日本語