Security update for cfitsio (important)

2018-04-21T00:06:50
ID OPENSUSE-SU-2018:1038-1
Type suse
Reporter Suse
Modified 2018-04-21T00:06:50

Description

This update for cfitsio fixes the following issues:

Security issues fixed:

  • CVE-2018-1000166: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code (boo#1088590)

This update to version 3.430 also contains a number of upstream bug fixes.

The following tracked packaging changes are included:

  • boo#1082318: package licence text as license, not as documentation