From ${URL} : Document Liberation Project libmwaw has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1037 Upstream patch: https://sourceforge.net/p/libmwaw/libmwaw/ci/68b3b74569881248bfb6cbb4266177cc253b292f/ @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
app-text/libmwaw-0.3.11-r1 was added to address this bug and is ready to be stabilised.
ping
amd64/x86 stable. @maintainer, please clean.
Cleanup done in 5af882faaff278d7a12bd99be396e0462080f47d
Downgraded to B3. No PoC on ACE/RCE. GLSA Vote: No Thanks, Andreas!