[SECURITY] [DLA 4164-1] libeconf security update

Mon, 12 May 2025 16:46:29 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4164-1                [email protected]
https://www.debian.org/lts/security/                           Chris Lamb
May 12, 2025                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libeconf
Version        : 0.3.8-1+deb11u1
CVE ID         : CVE-2023-22652
Debian Bug     : 1037333

It was discovered that there was a potential buffer overflow
vulnerability in libeconf, a configuration file parser. This could
have been exploited via malicously-crafted configuration files.

For Debian 11 bullseye, this problem has been fixed in version
0.3.8-1+deb11u1.

We recommend that you upgrade your libeconf packages.

For the detailed security status of libeconf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libeconf

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmgiagQACgkQHpU+J9Qx
Hlg70g//SDpSg5dUE4izSXTNOhIAlFerSiBlgNW6HQcUHIFaAGewFqBkF9etjNKK
sSab0nOZK+/YJ/hJtlreE/kFD3VLSVRiA2v3vVndOQ1V12YaEwWPzzkL9Rdzk6VN
DOP6L0BimOsS8lfA5sw4nbgvAAew/oITLpCVkfM44zSLY+ztoUsBnnyTriUFVh6x
dtlMvBn4SJ+e4zGYoShCLvAbYgOtnyZFAES9w+jmyI2ev4+9QhbwTh1kHbiqUqf/
eBwGMPz6rlFASg1x5iE5o9SjVfikvO3BiFXmmNMuANC+Io3ec7o9frlTwDKDTGO/
nLzfe1LaJdgM7FnOzvP9ZUYQ7OLj8XOvijCsGTzJgURwz4iWYNAOWCvpm0bqEhky
nUOc5StICcZzJaH3FMVJ/mmZuuq+9TqXh7Q6sLT/heMS3hQY+KMbzHYAf+/LvKfI
zzSJV/sir8wSNYBXq3w9ykR/0ei94sklz9m+MHdGLKP7y6bpUp+RWnj/GqF0wOpj
aoBEnlHyX+qOXBBuImjgMeZPS1Ws3jA4g7i3DtQOrjQGcRRnl9Urf4atRQwf/Sir
w9yaRwxlVHbywgf2pEYEowMJVPl3fAz3AXHhrdfwyf+7+/nTn+yyzhQ2ebC2LA8e
m4Svy9HN4ueBDNto1R7ecBzZ1V55nHTWPy0xNSZFYGolENZB4Ow=
=JrDn
-----END PGP SIGNATURE-----

Reply via email to