Amazon Linux 2023 Security Advisory: ALAS-2023-294
Advisory Release Date: 2023-08-17 11:19 Pacific
Advisory Updated Date: 2023-08-23 22:29 Pacific
Severity:
Important
Issue Overview:
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. (CVE-2023-39976)
Affected Packages:
libqb
Issue Correction:
Run dnf update libqb --releasever 2023.1.20230823 to update your system.
New Packages:
aarch64:
libqb-debuginfo-2.0.6-1.amzn2023.0.1.aarch64
doxygen2man-debuginfo-2.0.6-1.amzn2023.0.1.aarch64
doxygen2man-2.0.6-1.amzn2023.0.1.aarch64
libqb-debugsource-2.0.6-1.amzn2023.0.1.aarch64
libqb-2.0.6-1.amzn2023.0.1.aarch64
libqb-devel-2.0.6-1.amzn2023.0.1.aarch64
src:
libqb-2.0.6-1.amzn2023.0.1.src
x86_64:
libqb-debuginfo-2.0.6-1.amzn2023.0.1.x86_64
libqb-debugsource-2.0.6-1.amzn2023.0.1.x86_64
doxygen2man-debuginfo-2.0.6-1.amzn2023.0.1.x86_64
doxygen2man-2.0.6-1.amzn2023.0.1.x86_64
libqb-2.0.6-1.amzn2023.0.1.x86_64
libqb-devel-2.0.6-1.amzn2023.0.1.x86_64