openSUSE Security Update: Security update for wdiff
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:10031-1
Rating:             moderate
References:         
Cross-References:   CVE-2012-3386
Affected Products:
                    openSUSE Backports SLE-15-SP4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for wdiff fixes the following issues:

   This update ships wdiff.

   Updated to 1.2.2:

     * Updated Vietnamese, Swedish, Estonian, Chinese (traditional),
       Brazilian Portuguese and Russian translations.
     * Updated gnulib.
     * Used more recent autotools: autoconf 2.69 and automake 1.14.1.

   updated to 1.2.1:

     * Added Esperanto translation.
     * Updated Czech, German, Spanish, Finnish, Galician, Italian, Dutch,
       Polish, Slovenian, Serbian, Swedish, Ukrainian and Vietnamese
       translations.
     * Updated gnulib.
     * Recreated build system using recent versions of autotools. This will
       avoid security issues in "make distcheck" target. (CVE-2012-3386)

   updated to 1.1.2:

     * Backport gnulib change to deal with removal of gets function. This is
       a build-time-only fix. (Mentioned in Fedora bug #821791)
     * Added Serbian translation.
     * Updated Danish and Vietnamese translations.
     * Work around a bug in the formatting of the man page. (Debian bug
       #669340)
     * Updated Czech, German, Spanish, Finnish, Dutch, Polish, Slovenian,
       Swedish and Ukrainian translations.
     * Fix several issue with the use of screen in the test suite.
     * Allow WDIFF_PAGER to override PAGER environment variable.
     * Do not autodetect less, so we don't auto-enable less-mode. This should
       improve things for UTF8 text. (Savannah bug #34224) Less-mode is
       considered deprecated, as it isn't fit for multi-byte encodings.
       Nevertheless it can still be enabled on the command line.
     * Introduces use of ngettext to allow correct handling of plural forms

   updated to 1.0.1:

     * Updated Polish, Ukrainian, Slovenian, Dutch, Finnish, Swedish and
       Czech translations
     * Changed major version to 1 to reflect maturity of the package
     * Updated Dutch, French, Danish and Slovenian translations
     * Added Ukrainian translation
     * Improved error reporting in case a child process has problems
     * Added tests to the test suite
     * Updated gnulib

   updated to 0.6.5:

     * Never initialize or deinitialize terminals, as we do no cursor movement
     * Deprecated --no-init-term (-K) command line option
     * Avoid relative path in man pages
     * Updated gnulib, might be particularly important for uClibc users
   updated to 0.6.4:

     * Updated Catalan translations
     * Updated gnulib

   update to 0.6.3:

     * `wdiff -d' to read input from single unified diff, perhaps stdin.
     * Updated texinfo documentation taking experimental switch into account.
     * Experimental programs (mdiff & friends) and a configure switch
       --enable-experimental to control them.
     * Recent imports from gnulib, use of recent autotools.
     * Improved autodetection of termcap library like ncurses.
     * Reformatted translations, still a number of fuzzy translations.
     * Changed from CVS to bzr for source code version control.
     * Various bug fixes. See ChangeLog for a more exhaustive list.
     * Introduce --with-default-pager=PAGER configure switch.
     * Fix missing newline in info dir entry list.
     * Fix shell syntax in configure script
     * Updated gnulib and gettext, the latter to 0.18
     * Updated Dutch translation
     * Fixed a number of portability issues reported by maint.mk syntax checks
     * Updated Italian and Swedish translations
     * Updated gnulib


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP4:

      zypper in -t patch openSUSE-2022-10031=1



Package List:

   - openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):

      wdiff-1.2.2-bp154.2.1

   - openSUSE Backports SLE-15-SP4 (noarch):

      wdiff-lang-1.2.2-bp154.2.1


References:

   https://www.suse.com/security/cve/CVE-2012-3386.html

openSUSE: 2022:10031-1 moderate: wdiff

June 25, 2022
An update that fixes one vulnerability is now available

Description

This update for wdiff fixes the following issues: This update ships wdiff. Updated to 1.2.2: * Updated Vietnamese, Swedish, Estonian, Chinese (traditional), Brazilian Portuguese and Russian translations. * Updated gnulib. * Used more recent autotools: autoconf 2.69 and automake 1.14.1. updated to 1.2.1: * Added Esperanto translation. * Updated Czech, German, Spanish, Finnish, Galician, Italian, Dutch, Polish, Slovenian, Serbian, Swedish, Ukrainian and Vietnamese translations. * Updated gnulib. * Recreated build system using recent versions of autotools. This will avoid security issues in "make distcheck" target. (CVE-2012-3386) updated to 1.1.2: * Backport gnulib change to deal with removal of gets function. This is a build-time-only fix. (Mentioned in Fedora bug #821791) * Added Serbian translation. * Updated Danish and Vietnamese translations. * Work around a bug in the formatting of the man page. (Debian bug #669340) * Updated Czech, German, Spanish, Finnish, Dutch, Polish, Slovenian, Swedish and Ukrainian translations. * Fix several issue with the use of screen in the test suite. * Allow WDIFF_PAGER to override PAGER environment variable. * Do not autodetect less, so we don't auto-enable less-mode. This should improve things for UTF8 text. (Savannah bug #34224) Less-mode is considered deprecated, as it isn't fit for multi-byte encodings. Nevertheless it can still be enabled on the command line. * Introduces use of ngettext to allow correct handling of plural forms updated to 1.0.1: * Updated Polish, Ukrainian, Slovenian, Dutch, Finnish, Swedish and Czech translations * Changed major version to 1 to reflect maturity of the package * Updated Dutch, French, Danish and Slovenian translations * Added Ukrainian translation * Improved error reporting in case a child process has problems * Added tests to the test suite * Updated gnulib updated to 0.6.5: * Never initialize or deinitialize terminals, as we do no cursor movement * Deprecated --no-init-term (-K) command line option * Avoid relative path in man pages * Updated gnulib, might be particularly important for uClibc users updated to 0.6.4: * Updated Catalan translations * Updated gnulib update to 0.6.3: * `wdiff -d' to read input from single unified diff, perhaps stdin. * Updated texinfo documentation taking experimental switch into account. * Experimental programs (mdiff & friends) and a configure switch --enable-experimental to control them. * Recent imports from gnulib, use of recent autotools. * Improved autodetection of termcap library like ncurses. * Reformatted translations, still a number of fuzzy translations. * Changed from CVS to bzr for source code version control. * Various bug fixes. See ChangeLog for a more exhaustive list. * Introduce --with-default-pager=PAGER configure switch. * Fix missing newline in info dir entry list. * Fix shell syntax in configure script * Updated gnulib and gettext, the latter to 0.18 * Updated Dutch translation * Fixed a number of portability issues reported by maint.mk syntax checks * Updated Italian and Swedish translations * Updated gnulib

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2022-10031=1


Package List

- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64): wdiff-1.2.2-bp154.2.1 - openSUSE Backports SLE-15-SP4 (noarch): wdiff-lang-1.2.2-bp154.2.1


References

https://www.suse.com/security/cve/CVE-2012-3386.html


Severity
Announcement ID: openSUSE-SU-2022:10031-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP4 .

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved