Overview

File _patchinfo of Package patchinfo.33035

<patchinfo incident="33035">
  <issue tracker="bnc" id="1221797">VUL-0: CVE-2024-29131: apache-commons-configuration,apache-commons-configuration2: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()</issue>
  <issue tracker="bnc" id="1221793">VUL-0: CVE-2024-29133: apache-commons-configuration, apache-commons-configuration2: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree</issue>
  <issue tracker="cve" id="2024-29131"/>
  <issue tracker="cve" id="2024-29133"/>
  <packager>fstrba</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for apache-commons-configuration</summary>
  <description>This update for apache-commons-configuration fixes the following issues:

- CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() (bsc#1221797).
- CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree (bsc#1221793).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places