Update Info

openSUSE-2022-88


Security update for htmldoc


Type: security
Severity: important
Issued: 2022-03-21
Description:
htmldoc was updated to fix issues:

- CVE-2021-40985: Fixed buffer overflow may lead to DoS via a crafted BMP image (bsc#1192357)
- CVE-2021-43579: Fixed stack-based buffer overflow in image_load_bmp() results in remote code execution if the victim converts an HTML document linking to a crafted BMP file (bsc#1194487)
- CVE-2022-0534: Fixed stack out-of-bounds read in gif_get_code() when opening a malicious GIF file results in a segmentation fault (bsc#1195758)


              

Packages


  • htmldoc-1.8.28-9.1