A heap buffer overflow vulnerability has been found in GDAL which could result in denial of service.
|Package||sci-libs/gdal on all architectures|
|Affected versions||< 3.4.1|
|Unaffected versions||>= 3.4.1|
GDAL is a geospatial data abstraction library.
GDAL does not sufficiently sanitize input when loading PCIDSK binary segments.
Loading crafted PCIDSK data via GDAL could result in denial of service.
There is no known workaround at this time.
All GDAL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sci-libs/gdal-3.4.1"
October 31, 2022
October 31, 2022: 1