The following builds have been pushed to Fedora EPEL 7 updates-testing
stb-0-0.39.20231011gitbeebb24.el7
Details about builds:
================================================================================
stb-0-0.39.20231011gitbeebb24.el7 (FEDORA-EPEL-2023-b4ff3ac6b0)
Single-file public domain libraries for C/C++
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2023-45661 CVE-2023-45662 CVE-2023-45663 CVE-2023-45664
CVE-2023-45666 CVE-2023-45667 CVE-2023-45675 CVE-2023-43281
--------------------------------------------------------------------------------
ChangeLog:
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.39.20231011gitbeebb24
- stb_vorbis: fix GHSL-2023-165 / fix CVE-2023-45675
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.38.20231011gitbeebb24
- stb_image: fix GHSL-2023-151 / fix CVE-2023-45667
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.37.20231011gitbeebb24
- stb_image: fix GHSL-2023-150 / fix CVE-2023-45666
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.36.20231011gitbeebb24
- Document another bug, PR, and name (GHSL-2023-149) for CVE-2023-43898
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.35.20231011gitbeebb24
- stb_image: fix GHSL-2023-148 / fix CVE-2023-45664
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.34.20231011gitbeebb24
- stb_image: fix GHSL-2023-147 / fix CVE-2023-45663
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.33.20231011gitbeebb24
- stb_image: fix GHSL-2023-146 / fix CVE-2023-45662
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.32.20231011gitbeebb24
- stb_image: fix GHSL-2023-145 / fix CVE-2023-45661
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.31.20231011gitbeebb24
- Document that 1454.patch fixes CVE-2023-43898
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.30.20231011gitbeebb24
- Backport a PR fixing undefined behavior in stb_image_resize2
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.29.20231011gitbeebb24
- Backport three PR���s fixing undefined behavior in stb_image
* Wed Oct 25 2023 Benjamin A. Beasley <code(a)musicinmybrain.net> -
0-0.28.20231011gitbeebb24
- Update to 0^beebb24git20231011 (minor C99 fixes)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2246102 - CVE-2023-45661 stb: out of bounds read
https://bugzilla.redhat.com/show_bug.cgi?id=2246102
[ 2 ] Bug #2246103 - CVE-2023-45662 stb: out of bounds read
https://bugzilla.redhat.com/show_bug.cgi?id=2246103
[ 3 ] Bug #2246104 - CVE-2023-45663 stb: memory access violations
https://bugzilla.redhat.com/show_bug.cgi?id=2246104
[ 4 ] Bug #2246105 - CVE-2023-45664 stb: memory access violations
https://bugzilla.redhat.com/show_bug.cgi?id=2246105
[ 5 ] Bug #2246109 - CVE-2023-45666 stb: memory access violation
https://bugzilla.redhat.com/show_bug.cgi?id=2246109
[ 6 ] Bug #2246110 - CVE-2023-45667 stb: memory access violation
https://bugzilla.redhat.com/show_bug.cgi?id=2246110
[ 7 ] Bug #2246320 - CVE-2023-43281 stb: remote denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=2246320
--------------------------------------------------------------------------------