SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-1651

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-1651

Security update for graphviz

Type: security

Severity: critical

Issued: 2021-05-19

Description:

This update for graphviz fixes the following issues:

- CVE-2020-18032: Fixed possible remote code execution via buffer overflow (bsc#1185833).

References

CVE: CVE-2020-18032
Bugzilla: 1185833 VUL-0: CVE-2020-18032: graphviz-addons,graphviz,graphviz-plugins: Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service

Packages

graphviz-addons-2.40.1-6.9.1