Advisories » MGASA-2024-0093

Updated clojure packages fix security vulnerability

Publication date: 27 Mar 2024
Modification date: 27 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-22871

Description

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to
cause a denial of service (DoS) via the clojure.core$partial$fn__5920
function. (CVE-2024-22871)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33012
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25FKUOYXQZGGJMFUM5HJABWMIX2TILRV/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22871

SRPMS

9/core

• clojure-1.11.2-1.mga9