-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-521e6c567c 2019-05-04 00:16:11.078221 --------------------------------------------------------------------------------
Name : graphviz Product : Fedora 30 Version : 2.40.1 Release : 46.fc30 URL : http://www.graphviz.org/ Summary : Graph Visualization Tools Description : A collection of tools for the manipulation and layout of graphs (as in nodes and edges, not as in barcharts).
-------------------------------------------------------------------------------- Update Information:
This is an update fixing CVE-2019-11023. ---- Fixed null pointer dereference in function agroot(), CVE-2019-11023 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 24 2019 Jaroslav ��karvada jskarvad@redhat.com - 2.40.1-46 - Updated CVE-2019-11023 patch Related: CVE-2019-11023 * Wed Apr 24 2019 Jaroslav ��karvada jskarvad@redhat.com - 2.40.1-45 - Fixed null pointer dereference in function agroot() Resolves: CVE-2019-11023 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1699848 - CVE-2019-11023 graphviz: null pointer dereference in function agroot() in cgraph\obj.c https://bugzilla.redhat.com/show_bug.cgi?id=1699848 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-521e6c567c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------