86 matches found
Updated pkgconf packages fix security vulnerability
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...
MGASA-2023-0077 Updated pkgconf packages fix security vulnerability
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...
SUSE CVE-2018-1000221
pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote that can result in dequote function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to...
SUSE CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3
CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3. A patched version of the package is available...
openSUSE 15 Security Update : pkgconf (openSUSE-SU-2023:0043-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0043-1 advisory. - In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. Fo...
OPENSUSE-SU-2023:0043-1 Security update for pkgconf
This update for pkgconf fixes the following issues: - CVE-2023-24056: FIxed variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c boo1207394...
Security update for pkgconf (moderate)
openSUSE Security Update: Security update for pkgconf Announcement ID: openSUSE-SU-2023:0043-1 Rating: moderate References: 1207394 Cross-References: CVE-2023-24056 CVSS scores: CVE-2023-24056 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-24056 SUSE: 5.5...
OESA-2023-1046 pkgconf security update
pkgconf is a program which helps to configure compiler and linker flags for development frameworks. It is similar to pkg-config from freedesktop.org, providing additional functionality while also maintaining compatibility. Security Fixes: In pkgconf through 1.9.3, variable duplication can cause...
In pkgconf through 1.9.3 variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example a .pc file containing a few hundred bytes can expand to one billion bytes.
...
CVE-2023-24056
A flaw was found in pkgconf, where a variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. This issue may lead to a buffer overflow, which can crash the software...
AZL-13124 CVE-2023-24056 affecting package pkgconf for versions less than 1.8.0-3
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
ALPINE-CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
DEBIAN-CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
CVE-2023-24056 vulnerabilities
Vulnerabilities for packages: pkgconf...
CVE-2023-24056 vulnerabilities
Vulnerabilities for packages: pkgconf...
Design/Logic Flaw
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...
UBUNTU-CVE-2023-24056
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...