Bug 16167

Summary: libwmf new security issues CVE-2015-4695 and CVE-2015-4696
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard: MGA5TOO, MGA4TOO
Source RPM: libwmf-0.2.8.4-32.1.mga5 CVE:
Status comment:

Description David Walser 2015-06-21 23:49:33 CEST 
CVEs have been assigned for two more issues in libwmf today (June 21):
http://openwall.com/lists/oss-security/2015/06/21/3

I don't want to hold up the current update (Bug 16127) since it's high severity, but if patches are available and accepted for these two before QA gets to it, I'll include it in that update.

Reproducible: 

Steps to Reproduce:
David Walser 2015-06-21 23:49:42 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-06-27 17:57:03 CEST 
Now being handled in Bug 16127.

*** This bug has been marked as a duplicate of bug 16127 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE