Ubuntu Security Notice USN-5842-1

Ubuntu Security Notice USN-5842-1: Posted Feb 6, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5842-1 - Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2023-0341; SHA-256 | 91d72bd30044e467e8564947c64ad93c38ac37b57cd995da0d690e3fe2408a28; Download | Favorite | View

Ubuntu Security Notice USN-5842-1

==========================================================================
Ubuntu Security Notice USN-5842-1
February 06, 2023

editorconfig-core vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

EditorConfig Core C could be made to crash or run programs if it received
specially crafted input.

Software Description:
- editorconfig-core: coding style indenter for all editors

Details:

Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C
incorrectly handled memory when handling certain inputs. An attacker could
possibly use this issue to cause applications using EditorConfig Core C
to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   editorconfig                    0.12.5-2.1ubuntu0.1
   libeditorconfig0                0.12.5-2.1ubuntu0.1

Ubuntu 22.04 LTS:
   editorconfig                    0.12.5-2ubuntu0.1~esm1
   libeditorconfig0                0.12.5-2ubuntu0.1~esm1

Ubuntu 20.04 LTS:
   editorconfig                    0.12.1-1.1ubuntu0.20.04.1~esm1
   libeditorconfig0                0.12.1-1.1ubuntu0.20.04.1~esm1

Ubuntu 18.04 LTS:
   editorconfig                    0.12.1-1.1ubuntu0.18.04.1~esm1
   libeditorconfig-dev             0.12.1-1.1ubuntu0.18.04.1~esm1
   libeditorconfig0                0.12.1-1.1ubuntu0.18.04.1~esm1

Ubuntu 16.04 ESM:
   editorconfig                    0.12.0-2ubuntu0.1~esm1
   libeditorconfig0                0.12.0-2ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5842-1
   CVE-2023-0341

Package Information:
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2.1ubuntu0.1
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.5-2ubuntu0.1~esm1
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.1-1.1ubuntu0.20.04.1~esm1
https://launchpad.net/ubuntu/+source/editorconfig-core/0.12.1-1.1ubuntu0.18.04.1~esm1

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Debian 32 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

Ubuntu Security Notice USN-5842-1

Ubuntu Security Notice USN-5842-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice USN-5842-1

Share This

Ubuntu Security Notice USN-5842-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems