{"id":"MGASA-2021-0238","summary":"Updated cgal packages fix security vulnerabilities","details":"Updated cgal packages fix security vulnerabilities:\n\nAn oob read vulnerability exists in Nef_2/PM_io_parser.h\nPM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide\nmalicious input to trigger this vulnerability (CVE-2020-28601).\n\nAn oob read vulnerability exists in Nef_S2/SNC_io_parser.h\nSNC_io_parser::read_sloop() slh-\u003etwin() An attacker can provide malicious\ninput to trigger this vulnerability (CVE-2020-28636).\n\nAn oob read vulnerability exists in Nef_S2/SNC_io_parser.h\nSNC_io_parser::read_sloop() slh-\u003eincident_sface. An attacker can provide\nmalicious input to trigger this vulnerability (CVE-2020-35628).\n\nAn oob read vulnerability exists in Nef_S2/SNC_io_parser.h\nSNC_io_parser::read_sface() sfh-\u003evolume(). An attacker can provide malicious\ninput to trigger this vulnerability (CVE-2020-35636).\n","modified":"2026-02-02T03:22:28.417440Z","published":"2021-06-08T16:46:03Z","related":["CVE-2020-28601","CVE-2020-28636","CVE-2020-35628","CVE-2020-35636"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0238.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28881"},{"type":"REPORT","url":"https://www.debian.org/lts/security/2021/dla-2649"}],"affected":[{"package":{"name":"cgal","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/cgal?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14-1.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0238.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}