Control: tags -1 + patch pending
I believe the following patch, also passed upstream, will solve this
problem.
Description: Make sure CPU feature parsing use large enough string buffer.
Fixes CVE-2023-29579.
Author: Petter Reinholdtsen
Bug: https://github.com/yasm/yasm/issues/214
Bug-Debian: ht
Source: yasm
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for yasm.
CVE-2023-29579[0]:
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via
| the component yasm/yasm+0x43b466 in vsprintf.
https://github.
2 matches
Mail list logo
