| Summary: | editorconfig-core-c new security issue CVE-2023-0341 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, geiger.david68210, marja11, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | editorconfig-core-c-0.12.5-2.mga9.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2023-02-06 16:29:40 CET
David Walser
2023-02-06 16:34:05 CET
Status comment:
(none) =>
Fixed upstream in 0.12.6 Assigning to our registered editorconfig-core-c maintainer. CC:
(none) =>
marja11 Done for both mga8 and Cauldron! libeditorconfig0-0.12.6-1.mga8 editorconfig-0.12.6-1.mga8 libeditorconfig-devel-0.12.6-1.mga8 from editorconfig-core-c-0.12.6-1.mga8.src.rpm CC:
(none) =>
geiger.david68210 Tested in a VirtualBox mga8-64 Plasma guest. No installation issues. No previous updates, but urpmq --whatreqires-recursive indicates that it is used by plasma-workspace, kwrite, konqueror, kate, and others. I ran kwrite with strace -o output.txt kwrite and loaded a short text file into it. I edited the file, saved the edited version, and printed it to a pdf file. Examining output.txt afterward showed a call to "/lib64/libeditorconfig.so.0" Kwrite functioned normally, and there were no observed problems with plasma-workspace, so I'm going to call this one OK. Validating. Whiteboard:
(none) =>
MGA8-64-OK
Dave Hodgins
2023-02-14 21:09:24 CET
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0048.html Resolution:
(none) =>
FIXED |