Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
Vulnerability Intelligence
openSUSE-SU-2023:0043-1
openSUSE-SU-2023:0043-1
UNKNOWN
Security update for pkgconf
Published Feb 9, 2023
Modified 3 years ago
Fix available
Details
This update for pkgconf fixes the following issues:
CVE-2023-24056: FIxed variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c (boo#1207394).
Affected Packages
libpkgconf-devel
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Fixed in:
1.5.3-bp153.2.3.1
libpkgconf3
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Fixed in:
1.5.3-bp153.2.3.1
pkgconf
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Fixed in:
1.5.3-bp153.2.3.1
References
REPORT
https://bugzilla.suse.com/1207394
ADVISORY
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZWDULBZHRPQHGUXNQ3HNNHRJ3YXPJ7QH/
WEB
https://www.suse.com/security/cve/CVE-2023-24056
Upstream
CVE-2023-24056
Related
CVE-2023-24056
Ecosystems
SUSE Package Hub 15 SP3
openSUSE Leap 15.3
Timeline
Published
Feb 9, 2023
Modified
Feb 9, 2023
openSUSE-SU-2023:0043-1 | Mondoo Vulnerability Intelligence