-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-9b67d67195 2022-09-21 01:21:16.550051 --------------------------------------------------------------------------------
Name : libconfuse Product : Fedora 35 Version : 3.3 Release : 7.fc35 URL : https://github.com/martinh/libconfuse Summary : A configuration file parser library Description : libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and (lists of) values (strings, integers, floats, booleans or other sections), as well as some other features (such as single/double-quoted strings, environment variable expansion, functions and nested include statements). It makes it very easy to add configuration file capability to a program using a simple API.
The goal of libConfuse is not to be the configuration file parser library with a gazillion of features. Instead, it aims to be easy to use and quick to integrate with your code.
-------------------------------------------------------------------------------- Update Information:
Patch for CVE-2022-40320 -------------------------------------------------------------------------------- ChangeLog:
* Mon Sep 12 2022 Gwyn Ciesla gwync@protonmail.com - 3.3-7 - Patch for CVE-2022-40320 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 3.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 3.3-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2126404 - CVE-2022-40320 libconfuse: heap-based buffer over-read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126404 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-9b67d67195' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------