Mageia 6: MGASA-2018-0464 Critical: Gettext Double Free Threat
mageia
November 21, 2018
An issue was discovered in GNU gettext 0.19.8
Summary
An issue was discovered in GNU gettext 0.19.8. There is a double free in
default_add_message in read-catalog.c, related to an invalid free in
po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.
(CVE-2018-18751)
References
- https://bugs.mageia.org/show_bug.cgi?id=23843
- https://ubuntu.com/security/notices/USN-3815-1
- https://www.cve.org/CVERecord?id=CVE-2018-18751
Topics Covered
Resolution
SRPMS
- 6/core/gettext-0.19.8.1-1.1.mga6
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 21 Nov 2018
URL: https://advisories.mageia.org/MGASA-2018-0464.html
Type: security
CVE: CVE-2018-18751
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!