Fedora has issued an advisory on May 11: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/ Mageia 9 is also affected. The fix is: https://src.fedoraproject.org/rpms/stb/raw/964fb3861ef6c418ef0f189b9cc047aabf83f16c/f/1559.patch
Whiteboard: (none) => MGA9TOOCVE: (none) => CVE-2023-45681, CVE-2023-47212Status comment: (none) => Patch available from FedoraSource RPM: (none) => stb-0-0.git20240213.1.mga10.src.rpm
No one packager in view, assigning this globally.
Assignee: bugsquad => pkg-bugs
Assigning to the registered maintainer!
CC: (none) => geiger.david68210Assignee: pkg-bugs => smelror
Fixed for Cauldron and mga9 too! Assigning to QA, Packages in 9/Core/Updates_testing: ====================== stb-devel-0-0.git20230129.4.1.mga9.noarch.rpm From SRPMS: stb-0-0.git20230129.4.1.mga9.src.rpm
Whiteboard: MGA9TOO => (none)Assignee: smelror => qa-bugsVersion: Cauldron => 9
Keywords: (none) => advisory
This is described as "single-file public domain libraries for C/C++" and urpmq doesn't come up with anything that requires it. MGA9-64 Plasma in VirtualBox. Installed without issues, updated using qarepo, also without issues. Removed it, also without issues. This is developer stuff. Validating on the clean install.
Whiteboard: (none) => MGA9-64-OKKeywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0186.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED