libcroco-0.6.12-6.el7
エラータID: AXSA:2020-573:02
Release date:
Monday, October 5, 2020 - 10:58
Subject:
libcroco-0.6.12-6.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The libcroco is a standalone Cascading Style Sheet level 2 (CSS2) parsing and manipulation library.
Security Fix(es):
libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-12825
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
Solution:
Update packages.
CVEs:
CVE-2020-12825
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
Additional Info:
N/A
Download:
SRPMS
- libcroco-0.6.12-6.el7.src.rpm
MD5: 5e861e18ccc2fdde7f4bfb7bea357630
SHA-256: af1278a86632aa34532b6e7eb1dee659388d74c63c454eab110439d44738422c
Size: 481.79 kB
Asianux Server 7 for x86_64
- libcroco-0.6.12-6.el7.x86_64.rpm
MD5: 34d9cdeefa72c326e2d244f44100edd8
SHA-256: 8a9bf4a89b9ae1f089719f09efbf4ee91e99b96099b832245f7cd8063524ecd4
Size: 104.43 kB - libcroco-0.6.12-6.el7.i686.rpm
MD5: 50da5b1cce315eeaa57cb186d4418c5b
SHA-256: 5a3560f23f9cb3c64f39b525a8b7f4449a2b9d5e8604d593c5922e4f052bec0d
Size: 103.77 kB