MGASA-2021-0230 - Updated libpano13 packages fix a security vulnerability Publication date: 08 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0230.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-20307 Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20.rc2 and earlier can lead to read and write arbitrary memory values (CVE-2021-20307). References: - https://bugs.mageia.org/show_bug.cgi?id=28997 - https://lists.fedoraproject.org/archives/list/[email protected]/thread/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX/ - https://www.debian.org/lts/security/2021/dla-2624 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20307 SRPMS: - 8/core/libpano13-2.9.20-1.mga8 - 8/tainted/libpano13-2.9.20-1.mga8.tainted - 7/tainted/libpano13-2.9.20-1.mga7.tainted - 7/core/libpano13-2.9.20-1.mga7