orc-0.4.31-7.el9_4

エラータID: AXSA:2024-8781:02

Release date: 
Friday, September 6, 2024 - 13:29
Subject: 
orc-0.4.31-7.el9_4
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic operations.

Security Fix(es):

* orc: Stack-based buffer overflow vulnerability in ORC (CVE-2024-40897)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-40897
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.

Solution: 

Update packages.

CVEs: 
CVE-2024-40897
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.
Additional Info: 

N/A

Download: 

SRPMS
  1. orc-0.4.31-7.el9_4.src.rpm
    MD5: cace21d09756bc8117d03e112fb7bd6c
    SHA-256: c3fc618093f9031a49f0ffc3247ddbf59ad1754ce7d7f0c901a3e9e7118b7eda
    Size: 185.86 kB

Asianux Server 9 for x86_64
  1. orc-0.4.31-7.el9_4.i686.rpm
    MD5: 64b7b3309e25d6ace16fdad43b70691f
    SHA-256: bdc531c07d5e128553252a8e01b183f503797ce0dbf8aab1e20a17fa4e1acd03
    Size: 193.53 kB
  2. orc-0.4.31-7.el9_4.x86_64.rpm
    MD5: 8f56e8afe077800e05c0e8c05540fef7
    SHA-256: 9f02b339b3c2698094ca104b4ffe1a24c709330047917ed550634d402bb21ccc
    Size: 182.18 kB
  3. orc-compiler-0.4.31-7.el9_4.x86_64.rpm
    MD5: 2dab4489e3225df55de8f6f4930f559e
    SHA-256: bfd377aa974f778bd39da84196d5e28e8db65703912476717439f60a4f078ecc
    Size: 23.17 kB
  4. orc-devel-0.4.31-7.el9_4.i686.rpm
    MD5: 1f532d7fe6210151876a69f82abca2b7
    SHA-256: 3ca5601e4145e247e1a1ff51d218ac2e0ccee467b5cd2fa87e99ff67a33dbf3d
    Size: 50.25 kB
  5. orc-devel-0.4.31-7.el9_4.x86_64.rpm
    MD5: 8658367d70ff6776cc223d98da9d460e
    SHA-256: de6f3caaa9f4913e635ecfb387bad343548f466a49dc78380a51f92cbcf0d836
    Size: 50.25 kB