A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.
[
{
"product": "libcaca",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libcaca v0.99.beta19"
}
]
}
]
bugzilla.redhat.com/show_bug.cgi?id=1928437
github.com/cacalabs/libcaca/issues/52
lists.debian.org/debian-lts-announce/2021/03/msg00006.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSBCRN6EGQJUVOSD4OEEQ6XORHEM2CUL/