OESA-2024-1370
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1370
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-1370.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2024-1370
- Upstream
- Published
- 2024-04-12T11:07:34Z
- Modified
- 2025-09-03T06:19:51.423730Z
- Summary
- unixODBC security update
- Details
-
The unixODBC Project goals are to develop and promote unixODBC to be the definitive standard for ODBC on non MS Windows platforms. This is to include GUI support for both KDE and GNOME.
Security Fix(es):
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.(CVE-2024-1013)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP4 / unixODBC
Package
- Name
- unixODBC
- Purl
- pkg:rpm/openEuler/unixODBC&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.7-3.h1.oe2003sp4
Ecosystem specific
{
"src": [
"unixODBC-2.3.7-3.h1.oe2003sp4.src.rpm"
],
"x86_64": [
"unixODBC-debuginfo-2.3.7-3.h1.oe2003sp4.x86_64.rpm",
"unixODBC-debugsource-2.3.7-3.h1.oe2003sp4.x86_64.rpm",
"unixODBC-2.3.7-3.h1.oe2003sp4.x86_64.rpm",
"unixODBC-devel-2.3.7-3.h1.oe2003sp4.x86_64.rpm"
],
"aarch64": [
"unixODBC-devel-2.3.7-3.h1.oe2003sp4.aarch64.rpm",
"unixODBC-debugsource-2.3.7-3.h1.oe2003sp4.aarch64.rpm",
"unixODBC-debuginfo-2.3.7-3.h1.oe2003sp4.aarch64.rpm",
"unixODBC-2.3.7-3.h1.oe2003sp4.aarch64.rpm"
]
}