SUSE Package Hub - openSUSE-2020-1385

Update Info

openSUSE-2020-1385

Security update for gettext-runtime

Type: security

Severity: moderate

Issued: 2020-09-08

Description:

This update for gettext-runtime fixes the following issues:

- Fix boo941629-unnessary-rpath-on-standard-path.patch (bsc#941629) 
- Added msgfmt-double-free.patch to fix a double free error
  (CVE-2018-18751 bsc#1113719)
- Add patch msgfmt-reset-msg-length-after-remove.patch
  which does reset the length of message string after a line
  has been removed (bsc#1106843)

This update was imported from the SUSE:SLE-15:Update update project.
This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2018-18751
Bugzilla: 941629 config.rpath from gettext-tools adds unnessary rpaths in x86_64 builds
Bugzilla: 1113719 VUL-1: CVE-2018-18751: gettext,gettext-runtime: double free
Bugzilla: 1106843 msgfmt crashes when writing java source code and the .po file has a POT-Creation-Date header

Packages

gettext-csharp-0.19.8.1-bp151.2.1