An update for indent is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2024-1199
Final
1.0
1.0
2024-02-23
Initial
2024-02-23
2024-02-23
openEuler SA Tool V1.0
2024-02-23
indent security update
An update for indent is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
The indent program can be used to make code easier to read. It can also convert from one style of writing C to another. indent understands a substantial amount about the syntax of C, but it also attempts to cope with incomplete and misformed syntax.
Security Fix(es):
A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.(CVE-2024-0911)
An update for indent is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2 and openEuler-22.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Medium
indent
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1199
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2024-0911
https://nvd.nist.gov/vuln/detail/CVE-2024-0911
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
indent-debugsource-2.2.11-30.oe1.aarch64.rpm
indent-debuginfo-2.2.11-30.oe1.aarch64.rpm
indent-2.2.11-30.oe1.aarch64.rpm
indent-debugsource-2.2.11-30.oe2003sp4.aarch64.rpm
indent-2.2.11-30.oe2003sp4.aarch64.rpm
indent-debuginfo-2.2.11-30.oe2003sp4.aarch64.rpm
indent-debugsource-2.2.11-30.oe2203.aarch64.rpm
indent-debuginfo-2.2.11-30.oe2203.aarch64.rpm
indent-2.2.11-30.oe2203.aarch64.rpm
indent-debugsource-2.2.11-30.oe2203sp1.aarch64.rpm
indent-2.2.11-30.oe2203sp1.aarch64.rpm
indent-debuginfo-2.2.11-30.oe2203sp1.aarch64.rpm
indent-debugsource-2.2.11-30.oe2203sp2.aarch64.rpm
indent-2.2.11-30.oe2203sp2.aarch64.rpm
indent-debuginfo-2.2.11-30.oe2203sp2.aarch64.rpm
indent-debuginfo-2.2.11-30.oe2203sp3.aarch64.rpm
indent-2.2.11-30.oe2203sp3.aarch64.rpm
indent-debugsource-2.2.11-30.oe2203sp3.aarch64.rpm
indent-help-2.2.11-30.oe1.noarch.rpm
indent-help-2.2.11-30.oe2003sp4.noarch.rpm
indent-help-2.2.11-30.oe2203.noarch.rpm
indent-help-2.2.11-30.oe2203sp1.noarch.rpm
indent-help-2.2.11-30.oe2203sp2.noarch.rpm
indent-help-2.2.11-30.oe2203sp3.noarch.rpm
indent-2.2.11-30.oe1.src.rpm
indent-2.2.11-30.oe2003sp4.src.rpm
indent-2.2.11-30.oe2203.src.rpm
indent-2.2.11-30.oe2203sp1.src.rpm
indent-2.2.11-30.oe2203sp2.src.rpm
indent-2.2.11-30.oe2203sp3.src.rpm
indent-2.2.11-30.oe1.x86_64.rpm
indent-debugsource-2.2.11-30.oe1.x86_64.rpm
indent-debuginfo-2.2.11-30.oe1.x86_64.rpm
indent-debuginfo-2.2.11-30.oe2003sp4.x86_64.rpm
indent-2.2.11-30.oe2003sp4.x86_64.rpm
indent-debugsource-2.2.11-30.oe2003sp4.x86_64.rpm
indent-debuginfo-2.2.11-30.oe2203.x86_64.rpm
indent-2.2.11-30.oe2203.x86_64.rpm
indent-debugsource-2.2.11-30.oe2203.x86_64.rpm
indent-2.2.11-30.oe2203sp1.x86_64.rpm
indent-debugsource-2.2.11-30.oe2203sp1.x86_64.rpm
indent-debuginfo-2.2.11-30.oe2203sp1.x86_64.rpm
indent-debuginfo-2.2.11-30.oe2203sp2.x86_64.rpm
indent-debugsource-2.2.11-30.oe2203sp2.x86_64.rpm
indent-2.2.11-30.oe2203sp2.x86_64.rpm
indent-debuginfo-2.2.11-30.oe2203sp3.x86_64.rpm
indent-debugsource-2.2.11-30.oe2203sp3.x86_64.rpm
indent-2.2.11-30.oe2203sp3.x86_64.rpm
A flaw was found in Indent. This issue may allow a local user to use a specially-crafted file to trigger a heap-based buffer overflow, which can lead to an application crash.
2024-02-23
CVE-2024-0911
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
openEuler-22.03-LTS-SP2
openEuler-22.03-LTS-SP3
Medium
5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
indent security update
2024-02-23
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1199