Advisories » MGASA-2023-0339

Updated libqb packages fix a security vulnerability

Publication date: 04 Dec 2023
Modification date: 04 Dec 2023
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-39976

Description

This update fixes a security issue.

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long
log messages because the header size is not considered (CVE-2023-39976)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32558
• https://lwn.net/Articles/952259/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39976

SRPMS

9/core

• libqb-2.0.8-1.mga9