Package name
lcms2
Date
2013-08-12
Advisory ID
MDVSA-2013:211
Affected versions
MBS1 x86_64

Problem description

Updated lcms2 packages fixes security vulnerability:

It was discovered that Little CMS did not properly verify certain
memory allocations. If a user or automated system using Little CMS
were tricked into opening a specially crafted file, an attacker could
cause Little CMS to crash (CVE-2013-4160).

Updated packages

MBS1 x86_64

 5f10ddc400cb5bec944daa1a718d809c  mbs1/x86_64/lcms2-2.5-1.mbs1.x86_64.rpm
 f0e1f5bef31a7cc85424d0ad094f4ee9  mbs1/x86_64/lib64lcms2_2-2.5-1.mbs1.x86_64.rpm
 779cc54554663a5496400cdb168f6737  mbs1/x86_64/lib64lcms2-devel-2.5-1.mbs1.x86_64.rpm 
 50f6f789c1fc5077fa71478abe0ebc4d  mbs1/SRPMS/lcms2-2.5-1.mbs1.src.rpm

References