{"affected":[{"ecosystem_specific":{"binaries":[{"libeconf0":"0.5.2-150300.3.11.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.2","name":"libeconf","purl":"pkg:rpm/suse/libeconf&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.5.2-150300.3.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libeconf0":"0.5.2-150300.3.11.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.2","name":"libeconf","purl":"pkg:rpm/suse/libeconf&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.5.2-150300.3.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libeconf0":"0.5.2-150300.3.11.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"libeconf","purl":"pkg:rpm/suse/libeconf&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.5.2-150300.3.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libeconf0":"0.5.2-150300.3.11.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"libeconf","purl":"pkg:rpm/suse/libeconf&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.5.2-150300.3.11.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libeconf fixes the following issues:\n\nUpdate to version 0.5.2.\n\n- CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078).\n- CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078)\n\nThe following non-security bug was fixed:\n\n- Fixed parsing files correctly which have space characters AND none space characters as delimiters (bsc#1198165).\n","id":"SUSE-SU-2023:3639-1","modified":"2023-09-18T11:33:33Z","published":"2023-09-18T11:33:33Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198165"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211078"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-22652"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-30078"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-30079"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-32181"}],"related":["CVE-2023-22652","CVE-2023-30078","CVE-2023-30079","CVE-2023-32181"],"summary":"Security update for libeconf","upstream":["CVE-2023-22652","CVE-2023-30078","CVE-2023-30079","CVE-2023-32181"]}