An update for stb is now available for openEuler-22.03-LTS-SP2
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2023-1837
Final
1.0
1.0
2023-11-17
Initial
2023-11-17
2023-11-17
openEuler SA Tool V1.0
2023-11-17
stb security update
An update for stb is now available for openEuler-22.03-LTS-SP2.
Single-file public domain libraries for C/C++.
Security Fix(es):
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.(CVE-2023-43898)
An update for stb is now available for openEuler-22.03-LTS-SP2.
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Medium
stb
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1837
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-43898
https://nvd.nist.gov/vuln/detail/CVE-2023-43898
openEuler-22.03-LTS-SP2
stb_vorbis-devel-1.22.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_hexwave-devel-0.5.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_voxel_render-devel-0.89.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_divide-devel-0.94.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_connected_components-devel-0.96.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_tilemap_editor-devel-0.42.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_dxt-devel-1.12.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_leakcheck-devel-0.6.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_easy_font-devel-1.1.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_image_resize-devel-0.97.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_c_lexer-devel-0.12.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_textedit-devel-1.14.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_rect_pack-devel-1.1.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_perlin-devel-0.5.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_ds-devel-0.67.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_image_write-devel-1.16.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_herringbone_wang_tile-devel-0.7.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb-devel-0.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_truetype-devel-1.26.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_sprintf-devel-1.10.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb_image-devel-2.27.20220908git8b5f1f3-0.6.oe2203sp2.aarch64.rpm
stb-help-0.20220908git8b5f1f3-0.6.oe2203sp2.noarch.rpm
stb-0.20220908git8b5f1f3-0.6.oe2203sp2.src.rpm
stb_easy_font-devel-1.1.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_connected_components-devel-0.96.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_divide-devel-0.94.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_dxt-devel-1.12.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_truetype-devel-1.26.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_voxel_render-devel-0.89.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_textedit-devel-1.14.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_hexwave-devel-0.5.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_sprintf-devel-1.10.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_herringbone_wang_tile-devel-0.7.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_image_write-devel-1.16.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb-devel-0.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_image-devel-2.27.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_c_lexer-devel-0.12.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_ds-devel-0.67.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_image_resize-devel-0.97.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_perlin-devel-0.5.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_rect_pack-devel-1.1.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_tilemap_editor-devel-0.42.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_leakcheck-devel-0.6.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
stb_vorbis-devel-1.22.20220908git8b5f1f3-0.6.oe2203sp2.x86_64.rpm
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.
2023-11-17
CVE-2023-43898
openEuler-22.03-LTS-SP2
Medium
5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
stb security update
2023-11-17
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1837