SUSE Package Hub - openSUSE-2023-43

Update Info

openSUSE-2023-43

Security update for pkgconf

Type: security

Severity: moderate

Issued: 2023-02-09

Description:

This update for pkgconf fixes the following issues:

- CVE-2023-24056: FIxed variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c (boo#1207394).

References

CVE: CVE-2023-24056
Bugzilla: 1207394 VUL-0: CVE-2023-24056: pkgconf: variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c

Packages

pkgconf-1.5.3-bp153.2.3.1