Gentoo Linux Security Advisory GLSA 200908-06 – Multiple heap-based buffer overflows in CDF might result in the execution of arbitrary code. Leon Juranic reported multiple heap-based buffer overflows, for instance in the ReadAEDRList64(), SearchForRecord_r_64(), LastRecord64(), and CDFsel64() functions. Versions earlier than 3.3.0 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/80477/glsa-200908-06.txt
Source: https://packetstormsecurity.com/files/80477/Gentoo-Linux-Security-Advisory-200908-6.html

