Lector de Feeds

Link to gcc porting notes

← Older revision Revision as of 01:17, 26 April 2025 (One intermediate revision by the same user not shown)Line 49: Line 49:     '''Solution''': Patch the source to #include the right standard header file. It's probably an obvious one like #include <stdlib.h> or #include <string.h>. '''Solution''': Patch the source to #include the right standard header file. It's probably an obvious one like #include <stdlib.h> or #include <string.h>.  +  +Added for mga10.  +  +== incompatibleptr ==  +  +'''Problem''': A function is being passed in a value that doesn't match the type in the function prototype.  +  +'''Solution''': If it is a function pointer being called that does not have a full prototype, [https://gcc.gnu.org/gcc-15/porting_to.html#c23 gcc >= 15] assumes arguments are int, whereas previous versions did not check the type of arguments in this case. If lacking a full prototype is the problem and there is no function prototype, add one in an appropriate .h file (or make the partial prototype complete). If compiling a library, make sure that a new prototype doesn't affect backwards compatibility with older applications using the library. If it's not possible to add a prototype, you can add the ''-std=gnu17'' compiler option (e.g. by appending to ''CFLAGS'' before the build step) to revert to the old behaviour (but don't do this to fix a library because it means that all applications using the library will also need to add the flag). If there ''is'' a prototype but it does not match the number of arguments passed in, then it is a compatibility break, likely with some dependent library, and the application will need to be patched to use the correct arguments.     Added for mga10. Added for mga10. Line 139: Line 147:     '''More info''': https://gcc.gnu.org/gcc-14/porting_to.html '''More info''': https://gcc.gnu.org/gcc-14/porting_to.html  +  +Added for mga10.  +  +== toomanyargs ==  +  +'''Problem''': A function is being called that takes more arguments than are being given.  +  +'''Solution''': If the function does not have a prototype, [https://gcc.gnu.org/gcc-15/porting_to.html#c23 gcc >= 15] assumes it takes 0 arguments, whereas previous versions did not check the number of arguments in this case. If lacking a prototype is the problem and there is no function prototype, add one in an appropriate .h file. If compiling a library, make sure that a new prototype doesn't affect backwards compatibility with older applications using the library. If it's not possible to add a prototype, you can add the ''-std=gnu17'' compiler option (e.g. by appending to ''CFLAGS'' before the build step) to revert to the old behaviour (but don't do this to fix a library because it means that all applications using the library will also need to add the flag). If there ''is'' a prototype but it does not match the number of arguments passed in, then it is a compatibility break, likely with some dependent library, and the application will need to be patched to use the correct arguments.     Added for mga10. Added for mga10. Danf

Publication date: 25 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-32414 , CVE-2025-32415 Description [CVE-2025-32414] Buffer overflow when parsing text streams with Python API [CVE-2025-32415] Heap-based Buffer Overflow in xmlSchemaIDCFillNodeTables References

• https://bugs.mageia.org/show_bug.cgi?id=34210
• https://openwall.com/lists/oss-security/2025/04/17/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415

SRPMS 9/core

• libxml2-2.10.4-1.7.mga9

Publication date: 25 Apr 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-32464 Description BUG/MEDIUM: sample: fix risk of overflow when replacing multiple regex back-refsAleandro Prudenzano of Doyensec and Edoardo Geraci of Codean Labs reported a bug in sample_conv_regsub(), which can cause replacements of multiple back-references to overflow the temporary trash buffer. The problem happens when doing "regsub(match,replacement,g)": we're replacing every occurrence of "match" with "replacement" in the input sample, which requires a length check. For this, a max is applied, so that a replacement may not use more than the remaining length in the buffer. However, the length check is made on the replaced pattern and not on the temporary buffer used to carry the new string. This results in the remaining size to be usable for each input match, which can go beyond the temporary buffer size if more than one occurrence has to be replaced with something that's larger than the remaining room. References

• https://bugs.mageia.org/show_bug.cgi?id=34186
• https://ubuntu.com/security/notices/USN-7431-1
• https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QIY5CFNUWQY6R6BCFXJMFVWXB3WVUQRS/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32464

SRPMS 9/core

• haproxy-2.8.14-1.1.mga9