Test ID:	1.3.6.1.4.1.25623.1.1.10.2021.0332
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2021-0332)
Summary:	The remote host is missing an update for the 'htmldoc' package(s) announced via the MGASA-2021-0332 advisory.
Description:	Summary: The remote host is missing an update for the 'htmldoc' package(s) announced via the MGASA-2021-0332 advisory. Vulnerability Insight: Updated htmldoc packages fix security vulnerabilities: Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181 (CVE-2021-20308). AddressSanitizer: double-free in function pspdf_export ps-pdf.cxx (CVE-2021-23158). AddressSanitizer: heap-buffer-overflow in pspdf_prepare_outpages() in ps-pdf.cxx (CVE-2021-23165). AddressSanitizer: SEGV in file_extension file.c (CVE-2021-23180). AddressSanitizer: SEGV on unknown address 0x000000000014 (CVE-2021-23191). AddressSanitizer: stack-buffer-overflow in parse_table ps-pdf.cxx (CVE-2021-23206). AddressSanitizer: heap-buffer-overflow in pspdf_prepare_page(int) ps-pdf.cxx (CVE-2021-26252). AddressSanitizer: heap-buffer-overflow on render_table_row() ps-pdf.cxx (CVE-2021-26259). SEGV on unknown address 0x000000000000 (CVE-2021-26948). Affected Software/OS: 'htmldoc' package(s) on Mageia 7, Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20308 [debian-lts-announce] 20210701 [SECURITY] [DLA 2700-1] htmldoc security update https://lists.debian.org/debian-lts-announce/2021/07/msg00000.html https://bugzilla.redhat.com/show_bug.cgi?id=1946289 https://github.com/michaelrsweet/htmldoc/issues/423 Common Vulnerability Exposure (CVE) ID: CVE-2021-23158 https://bugzilla.redhat.com/show_bug.cgi?id=1967018 https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc https://github.com/michaelrsweet/htmldoc/issues/414 Common Vulnerability Exposure (CVE) ID: CVE-2021-23165 https://bugzilla.redhat.com/show_bug.cgi?id=1967014 https://github.com/michaelrsweet/htmldoc/commit/6e8a95561988500b5b5ae4861b3b0cbf4fba517f https://github.com/michaelrsweet/htmldoc/commit/6e8a95561988500b5b5ae4861b3b0cbf4fba517f.patch https://github.com/michaelrsweet/htmldoc/issues/413 Common Vulnerability Exposure (CVE) ID: CVE-2021-23180 https://bugzilla.redhat.com/show_bug.cgi?id=1967041 https://github.com/michaelrsweet/htmldoc/commit/19c582fb32eac74b57e155cffbb529377a9e751a https://github.com/michaelrsweet/htmldoc/issues/418 https://ubuntu.com/security/CVE-2021-23180 Common Vulnerability Exposure (CVE) ID: CVE-2021-23191 https://bugzilla.redhat.com/show_bug.cgi?id=1967022 https://github.com/michaelrsweet/htmldoc/issues/415 https://ubuntu.com/security/CVE-2021-23191 Common Vulnerability Exposure (CVE) ID: CVE-2021-23206 https://bugzilla.redhat.com/show_bug.cgi?id=1967028 https://github.com/michaelrsweet/htmldoc/commit/ba61a3ece382389ae4482c7027af8b32e8ab4cc8 https://github.com/michaelrsweet/htmldoc/issues/416 https://ubuntu.com/security/CVE-2021-23206 Common Vulnerability Exposure (CVE) ID: CVE-2021-26252 https://bugzilla.redhat.com/show_bug.cgi?id=1967009 Common Vulnerability Exposure (CVE) ID: CVE-2021-26259 https://github.com/michaelrsweet/htmldoc/commit/0ddab26a542c74770317b622e985c52430092ba5 https://github.com/michaelrsweet/htmldoc/issues/417 Common Vulnerability Exposure (CVE) ID: CVE-2021-26948 https://github.com/michaelrsweet/htmldoc/issues/410
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.