cairo-1.15.12-6.el8, pixman-0.38.4-2.el8
エラータID: AXSA:2022-3446:01
リリース日:
2022/07/06 Wednesday - 13:55
題名:
cairo-1.15.12-6.el8, pixman-0.38.4-2.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- cairo には、攻撃者が巧妙に細工したファイルをイメージコンポジターに
与えることでスタックオーバーフローを発生させ、範囲外メモリ領域への
書き込みを可能とする脆弱性があります。(CVE-2020-35492)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-35492
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
追加情報:
N/A
ダウンロード:
SRPMS
- cairo-1.15.12-6.el8.src.rpm
MD5: e0fa84ae9d300ada7df36e46e01a0631
SHA-256: 8f2824d6af893ee50d6403d0064d2cb027da808fea8adecf85dc60d4262cd29b
Size: 39.98 MB - pixman-0.38.4-2.el8.src.rpm
MD5: 89d91635eb52bcc274a19d536d0dee60
SHA-256: c8d0feb2a85c465f3891aaacd7263124311db79e28b583e95555f94807f1182d
Size: 751.80 kB
Asianux Server 8 for x86_64
- cairo-1.15.12-6.el8.x86_64.rpm
MD5: efc1581f9b558047e7defedd523274f2
SHA-256: 63d4f85d6bccfb8f075d1abf47ee372790e84925bd3e44c9a536cfcbb43701df
Size: 717.58 kB - cairo-devel-1.15.12-6.el8.x86_64.rpm
MD5: f66135bdb70866e1ea1d4b83e108f62a
SHA-256: b63a2784946295be0b4c8628a88da153e14ca372fc17e39414cf4f0b3000590d
Size: 271.67 kB - cairo-gobject-1.15.12-6.el8.x86_64.rpm
MD5: 17054e72daba2f4830b0b6174f2c9a55
SHA-256: 840bf34795513882c698e302311a01989ba23b8b6691710fec9dc2863fedb5e3
Size: 32.38 kB - cairo-gobject-devel-1.15.12-6.el8.x86_64.rpm
MD5: 8873d1dfe47e450c0df6ef1b9796b3a4
SHA-256: 903938492a0da711984644efc5b30d9816dd2fcf860907febd027d853809e5ed
Size: 24.82 kB - pixman-0.38.4-2.el8.x86_64.rpm
MD5: bca0eb078c587481bbba7ec684799486
SHA-256: 796522d0e62a1a6933f14315cd223b4635f5714de5b275ae07a85af108be3471
Size: 256.34 kB - pixman-devel-0.38.4-2.el8.x86_64.rpm
MD5: 51649f1d9c159ac887fdccb3d2cd0116
SHA-256: 6c4253daa4973020e1234fdc226d6103c3587af957156351188e9b9052f75c06
Size: 19.11 kB - cairo-1.15.12-6.el8.i686.rpm
MD5: 99d6bcd541276f215e51869abc40277d
SHA-256: 82692a4c6fe49aee0d618fbe7dd980b5a445e4a98eedb7b3ca6e80aff5e7b9da
Size: 793.32 kB - cairo-devel-1.15.12-6.el8.i686.rpm
MD5: 0f804e65a24708c6d42b80504004bb08
SHA-256: b1943cb0be20dad2735cd5c79ef12fb4e6ced563e22f758094200b73025e38af
Size: 271.69 kB - cairo-gobject-1.15.12-6.el8.i686.rpm
MD5: 387815019ee145d579a72df15f40f238
SHA-256: 1d35af1969b7bf184e290e40d043563db8fa16eb55f23dfe4d4f58b770619a91
Size: 31.49 kB - cairo-gobject-devel-1.15.12-6.el8.i686.rpm
MD5: 726d86de77ca90d7d16a4f519bde0e65
SHA-256: d6d41bd15c1e08cbc121851733690d0d97945b48ebe5573549758d010cbca815
Size: 24.84 kB - pixman-0.38.4-2.el8.i686.rpm
MD5: 8060a1ecf056108699e7dde47efb6639
SHA-256: e6739a5e41988725a018c1a8c3d8a62f155a9ccc1da33379f901fdeadecbbf67
Size: 270.13 kB - pixman-devel-0.38.4-2.el8.i686.rpm
MD5: c9412bef3247476f1429d4e6aed6632c
SHA-256: 16861c69f711f757f8d8e4120e130af951a69268d1424f51f1b54d6639b2255f
Size: 19.12 kB