File _patchinfo of Package patchinfo.42054
<patchinfo incident="42054"> <issue tracker="bnc" id="1255310">VUL-0: CVE-2025-68114: capstone: Unchecked vsnprintf return in SStream_concat allows stack buffer underflow&overflow</issue> <issue tracker="bnc" id="1255309">VUL-0: CVE-2025-67873: capstone: Skipdata length unchecked leads to cs_insn.bytes heap buffer overflow</issue> <issue tracker="cve" id="2025-68114"/> <issue tracker="cve" id="2025-67873"/> <packager>dfaggioli</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for capstone</summary> <description>This update for capstone fixes the following issues: Security issues fixed: - CVE-2025-67873: missing bounds check on user-provided skipdata callback can lead to a heap buffer overflow (bsc#1255309). - CVE-2025-68114: unchecked `vsnprintf` return value can lead to a stack buffer overflow (bsc#1255310). Other updates and bugfixes: - Enable static library, and add `libcapstone-devel-static` subpackage. </description> </patchinfo>
