Fedora 26 gcab Security Advisory CVE-2018-5345 Critical Memory Leak Fix

fedora

February 27, 2018

New upstream release - This fixes the security bug known as CVE-2018-5345 - Do not encode timezone in generated files - Fix countless memory leaks when parsing corrupt files

Summary

gcab is a tool to manipulate Cabinet archive.

New upstream release - This fixes the security bug known as CVE-2018-5345 - Do

not encode timezone in generated files - Fix countless memory leaks when parsing

corrupt files

su -c 'dnf upgrade gcab' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics Covered

security advisory fedora update security fix memory leak upstream release gcab tool

Change Log

References

Update Instructions

Severity

critical

Lowest

Low

Medium

High

Critical

Product: Fedora 26

Version: 1.1

Release: 1.fc26

URL: https://download.gnome.org/sources/gcab/

Summary: Cabinet file library and tool

Topics Covered

security advisory fedora update security fix memory leak upstream release gcab tool

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks