ASA-202011-19 log generated external raw

[ASA-202011-19] libass: arbitrary code execution
Arch Linux Security Advisory ASA-202011-19 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-26682 Package : libass Type : arbitrary code execution Remote : No Link : Summary ======= The package libass before version 0.15.0-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 0.15.0-1. # pacman -Syu "libass>=0.15.0-1" The problem has been fixed upstream in version 0.15.0. Workaround ========== None. Description =========== In libass 0.14.0, the ass_outline_construct's call to outline_stroke causes a signed integer overflow. Impact ====== A maliciously crafted file might crash the application or execute arbitrary code. References ==========