[CLSA-2025:1755114348] orc: Fix of CVE-2024-40897
Type:
security
Severity:
Moderate
Release date:
2025-08-13 19:45:52 UTC
Description:
- CVE-2024-40897: use vasprintf() if available for error messages and otherwise vsnprintf() to allocate as much memory as required and avoid buffer overflow
Updated packages:
  • orc-0.4.31-6.el9.tuxcare.els1.i686.rpm
    sha:e84dac54d9aa85dc6fc5709f75c9074bdbadc82508476b9219c575b2029d36b1
  • orc-0.4.31-6.el9.tuxcare.els1.x86_64.rpm
    sha:960f66da569b92472280e0a21424ab2e1ad3aa61ae0bf78c7193be3a52315d3b
  • orc-compiler-0.4.31-6.el9.tuxcare.els1.x86_64.rpm
    sha:585b63bc354ce6805cac3824993cfc7ed738886aa46c3c0168379e394d5758b7
  • orc-devel-0.4.31-6.el9.tuxcare.els1.i686.rpm
    sha:103bf31e70cb8b5374e4f6ef3997fbec7d962dd934e268f3883c86186d48feff
  • orc-devel-0.4.31-6.el9.tuxcare.els1.x86_64.rpm
    sha:b336ac72224686fd3b3f77c1ea96efa710692c23ec6e5afe2baca25f09a51ce2
  • orc-doc-0.4.31-6.el9.tuxcare.els1.noarch.rpm
    sha:24c36d61d000993ec013583b871dbd23ce02e3339b17cc5a1fb4518df5805cdd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.