|
|
Log in / Subscribe / Register

Debian alert DLA-4454-1 (libuev)



From:
              Thorsten Alteholz <debian@alteholz.de>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4454-1] libuev security update


Date:
              Sun, 25 Jan 2026 17:47:54 +0000


Message-ID:
              <2cb44f9e-4d35-b6fe-11a4-5d4ae4bdfe4@alteholz.de>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4454-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
January 25, 2026                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libuev
Version        : 2.3.1-1+deb11u1
CVE ID         : CVE-2022-48620


An issue has been found in libuev, a lightweight event loop library for 
Linux. The issue is related to a possible buffer overrun in uev_run().


For Debian 11 bullseye, this problem has been fixed in version
2.3.1-1+deb11u1.

We recommend that you upgrade your libuev packages.

For the detailed security status of libuev please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libuev

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAml2V0pfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfZ/A/+N4xABkF+HfWcQ8WvxTDdXLwv7RZrYAbwcQL+gPorto0oljzE57V7+hmE
e2xVlco5ewplhCd08ZV/60y9vXFiUQ3azkWGykmi6W71wQrbwTnVWZ/2qkNFbye8
tc3uqAGKF0E/szobZUZPPm8477hQOtMyavN5Cs4m/hJxu6AKYHpgtWSa1+9vbtQa
YEfSZZAr0FLiYs9x9Yur0a42RvCpwXl5Jr4ZBiiDQgdWzAxRMFzZi7N2bcOYY2jD
CgIKgj1SO2tV85aiZosjeUMGM4FnNwW6bsUKGVYcHv4y/Dvu+3BskHWCtYJbj3p1
emOhifQyacYJjGOBco4K/QMJuyvGyl7k0GUD5+5swrQZ/jtzaQV66qeubKVrOxt4
n41GVZq7pjjUzh2ZEzgsnlJeNKesP7q8+glVqGZmtSKAdjyKoQLBFWOBcqrBXpFi
oSzB8D1giiKazUl6mTTr/vub2rjeosXhLURvFy7ufwYlepp89KTelSeRe701k6VN
XGICIjO4vMANmL+kUP4cVj0Xcq5V/NGFSDrhNTssLHn9AZVz+ouI1IM36ZHCAeZ4
qK3r3M/+1pTq7fo9shxrRqb6FtcLizQ3RMhtk+BU67gS/PASZhiI72lCpZQSX6Tm
bADDOAbfGZA+yUfZyvx4dNIY3QYAGa/3pkE72b1PsqfZTMP2bUw=
=bkGB
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds