Fedora 22: libwmf Security Update 2015-10627
Summary
A library for reading and converting Windows MetaFile vector graphics (WMF).
Update Information:
CVE-2015-0848 heap overflow when decoding BMP images
CVE-2015-4588 RLE decoding doesn't check that the "count" fits into the image
CVE-2015-4695 meta_pen_create heap buffer overflow
CVE-2015-4696 wmf2gd/wmf2eps use after free
Change Log
* Tue Jun 23 2015 Caolán McNamara
References
[ 1 ] Bug #1227244 - CVE-2015-0848 libwmf: heap overflow when decoding BMP images [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1227244 [ 2 ] Bug #1235671 - CVE-2015-4696 CVE-2015-4695 libwmf: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1235671
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update libwmf' at the command line. For more information, refer to "Managing Software with yum", available at .