An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1245 Final 1.0 1.0 2023-04-21 Initial 2023-04-21 2023-04-21 openEuler SA Tool V1.0 2023-04-21 nasm security update An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. It also provides tools in RDOFF binary format, includes linker, library manager, loader, and information dump. Security Fix(es): NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856(CVE-2022-44370) An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High nasm https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1245 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-44370 https://nvd.nist.gov/vuln/detail/CVE-2022-44370 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 nasm-debuginfo-2.15.03-6.oe1.aarch64.rpm nasm-debugsource-2.15.03-6.oe1.aarch64.rpm nasm-2.15.03-6.oe1.aarch64.rpm nasm-debuginfo-2.15.03-6.oe1.aarch64.rpm nasm-2.15.03-6.oe1.aarch64.rpm nasm-debugsource-2.15.03-6.oe1.aarch64.rpm nasm-debugsource-2.15.05-5.oe2203.aarch64.rpm nasm-2.15.05-5.oe2203.aarch64.rpm nasm-debuginfo-2.15.05-5.oe2203.aarch64.rpm nasm-debuginfo-2.15.05-5.oe2203sp1.aarch64.rpm nasm-debugsource-2.15.05-5.oe2203sp1.aarch64.rpm nasm-2.15.05-5.oe2203sp1.aarch64.rpm nasm-help-2.15.03-6.oe1.noarch.rpm nasm-help-2.15.03-6.oe1.noarch.rpm nasm-help-2.15.05-5.oe2203.noarch.rpm nasm-help-2.15.05-5.oe2203sp1.noarch.rpm nasm-2.15.03-6.oe1.src.rpm nasm-2.15.03-6.oe1.src.rpm nasm-2.15.05-5.oe2203.src.rpm nasm-2.15.05-5.oe2203sp1.src.rpm nasm-debuginfo-2.15.03-6.oe1.x86_64.rpm nasm-2.15.03-6.oe1.x86_64.rpm nasm-debugsource-2.15.03-6.oe1.x86_64.rpm nasm-2.15.03-6.oe1.x86_64.rpm nasm-debugsource-2.15.03-6.oe1.x86_64.rpm nasm-debuginfo-2.15.03-6.oe1.x86_64.rpm nasm-debuginfo-2.15.05-5.oe2203.x86_64.rpm nasm-2.15.05-5.oe2203.x86_64.rpm nasm-debugsource-2.15.05-5.oe2203.x86_64.rpm nasm-debuginfo-2.15.05-5.oe2203sp1.x86_64.rpm nasm-debugsource-2.15.05-5.oe2203sp1.x86_64.rpm nasm-2.15.05-5.oe2203sp1.x86_64.rpm NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 2023-04-21 CVE-2022-44370 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H nasm security update 2023-04-21 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1245