MGASA-2021-0226 - Updated libebml packages fix security vulnerabilities

Publication date: 08 Jun 2021
Type: security
Affected Mageia releases: 7
CVE: CVE-2021-3405

Updated libebml packages fix security vulnerabilities:

Heap use-after-free when parsing malformed file.

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml (CVE-2021-3405). 

The mkvtoolnix, libmatroska packages have been rebuilt for the
updated libebml.

-[email protected]/thread/7COLX6WFFOI3RIOY2IOXWASU3QKAOWKO/
-[email protected]/thread/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7/

- 7/core/libebml-1.4.2-1.mga7
- 7/core/mkvtoolnix-32.0.0-2.1.mga7
- 7/core/libmatroska-1.5.0-2.1.mga7