Security update for chafa SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2022:10045-1 Final 1 1 2022-07-08T18:01:18Z current 2022-07-08T18:01:18Z 2022-07-08T18:01:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chafa This update for chafa fixes the following issues: - CVE-2022-2301: Fixed buffer over-read (boo#1201211) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2022-10045 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PX5AWM27AFS35SS2ZQEF5DK6J25BVQW6/ E-Mail link for openSUSE-SU-2022:10045-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1201211 SUSE Bug 1201211 https://www.suse.com/security/cve/CVE-2022-2301/ SUSE CVE CVE-2022-2301 page SUSE Package Hub 15 SP4 openSUSE Leap 15.4 chafa-1.8.0-bp154.3.8.1 chafa-devel-1.8.0-bp154.3.8.1 chafa-doc-1.8.0-bp154.3.8.1 libchafa0-1.8.0-bp154.3.8.1 chafa-1.8.0-bp154.3.8.1 as a component of SUSE Package Hub 15 SP4 chafa-devel-1.8.0-bp154.3.8.1 as a component of SUSE Package Hub 15 SP4 chafa-doc-1.8.0-bp154.3.8.1 as a component of SUSE Package Hub 15 SP4 libchafa0-1.8.0-bp154.3.8.1 as a component of SUSE Package Hub 15 SP4 chafa-1.8.0-bp154.3.8.1 as a component of openSUSE Leap 15.4 chafa-devel-1.8.0-bp154.3.8.1 as a component of openSUSE Leap 15.4 chafa-doc-1.8.0-bp154.3.8.1 as a component of openSUSE Leap 15.4 libchafa0-1.8.0-bp154.3.8.1 as a component of openSUSE Leap 15.4 Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. CVE-2022-2301 SUSE Package Hub 15 SP4:chafa-1.8.0-bp154.3.8.1 SUSE Package Hub 15 SP4:chafa-devel-1.8.0-bp154.3.8.1 SUSE Package Hub 15 SP4:chafa-doc-1.8.0-bp154.3.8.1 SUSE Package Hub 15 SP4:libchafa0-1.8.0-bp154.3.8.1 openSUSE Leap 15.4:chafa-1.8.0-bp154.3.8.1 openSUSE Leap 15.4:chafa-devel-1.8.0-bp154.3.8.1 openSUSE Leap 15.4:chafa-doc-1.8.0-bp154.3.8.1 openSUSE Leap 15.4:libchafa0-1.8.0-bp154.3.8.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PX5AWM27AFS35SS2ZQEF5DK6J25BVQW6/ https://www.suse.com/security/cve/CVE-2022-2301.html CVE-2022-2301 https://bugzilla.suse.com/1201211 SUSE Bug 1201211