Low: gettext security update

2019-11-0518:10:22

errata.almalinux.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.02

Percentile

88.9%

JSON

The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs.

Security Fix(es):

gettext: double free in default_add_message in read-catalog.c (CVE-2018-18751)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8x86_64gettext-libs< 0.19.8.1-17.el8gettext-libs-0.19.8.1-17.el8.x86_64.rpm
almalinux8x86_64gettext-libs< 0.19.8.1-17.el8gettext-libs-0.19.8.1-17.el8.x86_64.rpm
almalinux8x86_64gettext< 0.19.8.1-17.el8gettext-0.19.8.1-17.el8.x86_64.rpm
almalinux8noarchgettext-common-devel< 0.19.8.1-17.el8gettext-common-devel-0.19.8.1-17.el8.noarch.rpm
almalinux8i686gettext-libs< 0.19.8.1-17.el8gettext-libs-0.19.8.1-17.el8.i686.rpm
almalinux8i686gettext-devel< 0.19.8.1-17.el8gettext-devel-0.19.8.1-17.el8.i686.rpm
almalinux8x86_64gettext-devel< 0.19.8.1-17.el8gettext-devel-0.19.8.1-17.el8.x86_64.rpm
almalinux8x86_64gettext-devel< 0.19.8.1-17.el8gettext-devel-0.19.8.1-17.el8.x86_64.rpm
almalinux8aarch64gettext-devel< 0.19.8.1-17.el8gettext-devel-0.19.8.1-17.el8.aarch64.rpm
almalinux8aarch64gettext-libs< 0.19.8.1-17.el8gettext-libs-0.19.8.1-17.el8.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	8	x86_64	gettext-libs	< 0.19.8.1-17.el8	gettext-libs-0.19.8.1-17.el8.x86_64.rpm
almalinux	8	x86_64	gettext-libs	< 0.19.8.1-17.el8	gettext-libs-0.19.8.1-17.el8.x86_64.rpm
almalinux	8	x86_64	gettext	< 0.19.8.1-17.el8	gettext-0.19.8.1-17.el8.x86_64.rpm
almalinux	8	noarch	gettext-common-devel	< 0.19.8.1-17.el8	gettext-common-devel-0.19.8.1-17.el8.noarch.rpm
almalinux	8	i686	gettext-libs	< 0.19.8.1-17.el8	gettext-libs-0.19.8.1-17.el8.i686.rpm
almalinux	8	i686	gettext-devel	< 0.19.8.1-17.el8	gettext-devel-0.19.8.1-17.el8.i686.rpm
almalinux	8	x86_64	gettext-devel	< 0.19.8.1-17.el8	gettext-devel-0.19.8.1-17.el8.x86_64.rpm
almalinux	8	x86_64	gettext-devel	< 0.19.8.1-17.el8	gettext-devel-0.19.8.1-17.el8.x86_64.rpm
almalinux	8	aarch64	gettext-devel	< 0.19.8.1-17.el8	gettext-devel-0.19.8.1-17.el8.aarch64.rpm
almalinux	8	aarch64	gettext-libs	< 0.19.8.1-17.el8	gettext-libs-0.19.8.1-17.el8.aarch64.rpm