{"affected":[{"ecosystem_specific":{"binaries":[{"caca-utils":"0.99.beta19.git20171003-11.3.1","libcaca-devel":"0.99.beta19.git20171003-11.3.1","libcaca-ruby":"0.99.beta19.git20171003-11.3.1","libcaca0":"0.99.beta19.git20171003-11.3.1","libcaca0-32bit":"0.99.beta19.git20171003-11.3.1","libcaca0-plugins":"0.99.beta19.git20171003-11.3.1","libcaca0-plugins-32bit":"0.99.beta19.git20171003-11.3.1","python3-caca":"0.99.beta19.git20171003-11.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"libcaca","purl":"pkg:rpm/opensuse/libcaca&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.99.beta19.git20171003-11.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libcaca fixes the following issues:\n\n- CVE-2021-30498, CVE-2021-30499: If an image has a size of 0x0, when exporting, no \n  data is written and space is allocated for the header only, not taking into\n  account that sprintf appends a NUL byte (bsc#1184751, bsc#1184752).\n","id":"openSUSE-SU-2022:0769-1","modified":"2022-03-09T08:24:10Z","published":"2022-03-09T08:24:10Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SRWTKUG6M4N5W7U2DBAJ4MTXKVSEHRXW/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184751"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184752"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-30498"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-30499"}],"related":["CVE-2021-30498","CVE-2021-30499"],"summary":"Security update for libcaca","upstream":["CVE-2021-30498","CVE-2021-30499"]}