Overview

File _patchinfo of Package patchinfo.40102

<patchinfo incident="40102">
  <issue tracker="bnc" id="1247207">VUL-0: CVE-2024-58266: rav1e: shlex: certain bytes allowed to appear unquoted and unescaped in command arguments</issue>
  <issue tracker="bnc" id="1230028">VUL-0: rav1e: rust-shlex: Multiple issues involving quote API ( RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27)</issue>
  <issue tracker="cve" id="2024-58266"/>
  <packager>xiaoguang_wang</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rav1e</summary>
  <description>This update for rav1e fixes the following issues:

- Update crate shlex to 1.3.0:
  * CVE-2024-58266: Fixed command injection (bsc#1247207)
  * RUSTSEC-2024-0006: Fixed multiple issues involving quote API (bsc#1230028)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places