bug 30366 reports issue CVE-2022-28041 about stb library, which is included in curaengine. stb library has been updated to the latest snapshot (29-01-2023) to fix the issue. Package: curaengine-4.8.0-1.1.1.mga8 Source: curaengine-4.8.0-1.1.1.mga8.src.rpm
MGA8-64 MATE on Acer Aspire 5253 No installation issues. As in bug 29622, getting no further than the help command: $ CuraEngine help Cura_SteamEngine version 4.8.0 Copyright (C) 2020 Ultimaker This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. usage: CuraEngine help Show this help message CuraEngine connect <host>[:<port>] [-j <settings.def.json>] --connect <host>[:<port>] Connect to <host> via a command socket, instead of passing information via the command line -v Increase the verbose level (show log messages). etc..... seems to work OK.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Why not update to 4.12.1 that is in mga9?
CC: (none) => fri
Maybe 5.x in mga9, BTW...
(In reply to Morgan Leijström from comment #2) > Why not update to 4.12.1 that is in mga9? It is in 4.13.1. The update is not needed to fix the CVE. 5.x wasn't packaged until recently anywhere.
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0228.html
Status: NEW => RESOLVEDResolution: (none) => FIXED