Summary: | <net-libs/libyang-2.1.55: null pointer dereferences | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | jsmolic |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/CESNET/libyang/issues/1979 | ||
Whiteboard: | B3 [glsa?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 905111 | ||
Bug Blocks: |
Description
John Helmert III
2023-04-04 04:11:54 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c4286a6222203cc151877c8200a7f5563a2ffec4 commit c4286a6222203cc151877c8200a7f5563a2ffec4 Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2023-04-04 07:53:26 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2023-04-04 07:59:13 +0000 net-libs/libyang: add 2.1.55 Bug: https://bugs.gentoo.org/903756 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> net-libs/libyang/Manifest | 1 + net-libs/libyang/libyang-2.1.55.ebuild | 46 ++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) Thanks! Please stabilize 2.1.55 when ready. CVE-2023-26917 (https://github.com/CESNET/libyang/issues/1987): libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8e254a5e783e7fd7b70f5b12a3e1e1cb8915ef4 commit a8e254a5e783e7fd7b70f5b12a3e1e1cb8915ef4 Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2023-05-05 06:20:43 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2023-05-05 06:22:24 +0000 net-libs/libyang: drop 2.0.194-r1 Bug: https://bugs.gentoo.org/903756 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> net-libs/libyang/Manifest | 1 - net-libs/libyang/libyang-2.0.194-r1.ebuild | 46 ------------------------------ 2 files changed, 47 deletions(-) Thanks! |