MGASA-2022-0066 - Updated nas packages fix security vulnerability

Publication date: 18 Feb 2022
URL: https://advisories.mageia.org/MGASA-2022-0066.html
Type: security
Affected Mageia releases: 8

Stack-based buffer overflow in auphone.c that can be triggered by an
environment variable.

Also, the x11-util-cf-files package has been patched to allow building nas.

References:
- https://bugs.mageia.org/show_bug.cgi?id=30020
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/KQX5YL7OVJTMPDFFPFACDNNE2LEUDC3J/
- https://sourceforge.net/p/nas/bugs/8/
- https://bugzilla.redhat.com/show_bug.cgi?id=1943020

SRPMS:
- 8/core/nas-1.9.4-11.1.mga8
- 8/core/x11-util-cf-files-1.0.6-5.1.mga8