openSUSE-SU-2023:0413-1: moderate: Security update for cppcheck
openSUSE Security Update: Security update for cppcheck ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0413-1 Rating: moderate References: #1215233 Cross-References: CVE-2023-39070 CVSS scores: CVE-2023-39070 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for cppcheck fixes the following issues: - CVE-2023-39070: Fixed heap use-after-free in removeContradiction() (boo#1215233) - update to 2.12.1: * Support importing projects with project-name - update to 2.12.0: * uselessOverride finds overriding functions that either duplicate code from or delegate back to the base class implementation * knownPointerToBool finds pointer to bool conversions that are always true or false * truncLongCastAssignment and truncLongCastReturn check additional types, including float/double/long double * duplInheritedMember also reports duplicated member functions * constParameter*/constVariable* checks find more instances of pointers/references that can be const, e.g. when calling library functions * Write how many checkers was activated after a run * Added --checkers-report that can be used to generate a report in a file that shows what checkers was activated and disabled * The qmake build system has been deprecated and will be removed in a future version. * Command-line option '--template - update to 2.11: * pop_back on empty container is UB * Improve useStlAlgorithm check to handle many more conditions in the loop for any_of, all_of and none_of algorithms * ValueFlow can evaluate the return value of functions even when conditionals are used * ValueFlow will now forward the container sizes being returned from a function * ValueFlow can infer possible values from possible symbolic values * Improve valueflow after pushing to container * The new option --check-level= has been added that controls how much checking is made by Cppcheck. The default checking level is "normal". If you feel that you can wait longer on results you can use --check-level=exhaustive. * It is no longer necessary to run "--check-config" to get detailed "missingInclude" and "missingIncludeSystem" messages. They will always be issued in the regular analysis if "missingInclude" is enabled. * "missingInclude" and "missingIncludeSystem" are reported with "-j" is > 1 and processes are used in the backend (default in non-Windows binaries) * "missingInclude" and "missingIncludeSystem" will now cause the "--error-exitcode" to be applied * "--enable=information" will no longer implicitly enable "missingInclude" starting with 2.16. Please enable it explicitly if you require it. * The `constParameter` and `constVariable` checks have been split into 3 different IDs based on if the variable is a pointer, a reference, or local. The different IDs will allow users to suppress different const warning based on variable type. * `constParameter` * `constParameterReference` * `constParameterPointer` * `constVariable` * `constVariableReference` * `constVariablePointer` * More command-line parameters will now check if the given integer argument is actually valid. Several other internal string-to-integer conversions will now be error checked. * scanning projects (with -j1) will now defer the analysis of markup files until the whole code was processed - update to 2.10.3: * SymbolDatabase: Fix handling of function pointer arguments - update to 2.10.2: * GUI: Set proper title for compliance report dialog * GUI: Generate compliance report * Tokenizer: tweaked simplification of function pointers * fix whole program analysis * Import Project: Fix problem with define value with space * Fix execution of executable addons from GUI * fix for windows installer, no other changes * Fixes when importing AST from clang * comments can be added at end of suppression in suppressions file is similar to GCC. If you want to get warnings in the old * Added Cppcheck annotations cppcheck_low(VALUE) and * Added API01-C: Avoid laying out strings in memory directly * Duplicate expression for condition and assignment: if (x==3) x=3; * Patch was submitted (https://github.com/danmar/cppcheck/pull/1554) and accepted so this change should be reverted and replaced with a CMake compile definition - Multifile checking for buffer overruns and uninitialized - A bunch of additions to several Libraries, especially * Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved. - Library files have now a 'format' attribute. Format version - Cppcheck does no longer abort checking if unhandled - Detect shift by too many bits, signed integer overflow and - Dead pointer usage when pointer alias local variable that - Improved AST creation (support placement new, C++-style - Support GCC extension __attriute__((used)) and MSVC - Better support for static member variables, inherited - Improved typedef support where multiple variables are - Avoid checking code multiple times by calculating a checksum. - HTML report: display 'verbose' message using clickable * Additionally, lots of false positives and bugs have been fixed - Returning references to literals or references to calculation - Enhanced support for commutative operators in duplicate - Definition of minsize for buffer arguments in .cfg files - Fixed handling of #error: Do not report them if -f and -D - Generate xml dump of AST/ValueFlow/SymbolDatabase/TokenList - Cppcheck requires a C++11 compiler supporting the common subset of features supported by GCC 4.4, Visual Studio 2010 - Much improved support of complex combinations of function - More robust error detection in several checks due to usage - Allocation/Deallocation functions can be extend across - Better handling of some C++11 language features like enum - Check for unhandled exceptions when exception specifiers * Additionally, a large number of false positives and crashs has been fixed. - New option to enable warnings but not style messages: - Cppcheck used to skip includes where the header filename is enclosed in <>. You can now include these headers also by using -I. - New POSIX checks: pipe() buffer size, redundant calls of set/get user id, too big value passed to usleep(), buffer - Storing getc() return value in char variable and comparing - Portability check that warns when using NULL as argument to variadic function. It has undefined behaviour on some - Improved checking for uninitialized struct members, - Added --include to the cppcheck command line client. This forces inclusion of the given file. This can for instance be used - The threads handling has been improved. Using -jN now works in - NULL pointers: Improved checking of default function argument values. - full change log http://raw.github.com/danmar/cppcheck/master/Changelog Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2023-413=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 ppc64le s390x x86_64): cppcheck-2.12.1-bp155.2.3.1 cppcheck-gui-2.12.1-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2023-39070.html https://bugzilla.suse.com/1215233
participants (1)
-
opensuse-security@opensuse.org