Explore top 10 tips to secure your open-source projects now. Read More
×
The updated packages fix a security vulnerability
In autofile Audio File Library 0.3.6, there exists one memory leak
vulnerability in printfileinfo, in printinfo.c, which allows an attacker
to leak sensitive information via a crafted file. The printfileinfo
function calls the copyrightstring function to get data, however, it
dosn't use zero bytes to truncate the data. (CVE-2022-24599)
- https://bugs.mageia.org/show_bug.cgi?id=32561
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTETOUJNRR75REYJZTBGF6TAJZYTMXUY/
- https://www.cve.org/CVERecord?id=CVE-2023-24599
- 9/core/audiofile-0.3.6-12.1.mga9
Get the latest Linux and open source security news straight to your inbox.