An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1626 Final 1.0 1.0 2023-09-15 Initial 2023-09-15 2023-09-15 openEuler SA Tool V1.0 2023-09-15 nasm security update An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2. NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. It also provides tools in RDOFF binary format, includes linker, library manager, loader, and information dump. Security Fix(es): A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.(CVE-2020-21528) An update for nasm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium nasm https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1626 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2020-21528 https://nvd.nist.gov/vuln/detail/CVE-2020-21528 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 nasm-debugsource-2.15.03-7.oe1.aarch64.rpm nasm-debuginfo-2.15.03-7.oe1.aarch64.rpm nasm-2.15.03-7.oe1.aarch64.rpm nasm-debuginfo-2.15.03-7.oe1.aarch64.rpm nasm-2.15.03-7.oe1.aarch64.rpm nasm-debugsource-2.15.03-7.oe1.aarch64.rpm nasm-debugsource-2.15.05-6.oe2203.aarch64.rpm nasm-debuginfo-2.15.05-6.oe2203.aarch64.rpm nasm-2.15.05-6.oe2203.aarch64.rpm nasm-debugsource-2.15.05-6.oe2203sp1.aarch64.rpm nasm-2.15.05-6.oe2203sp1.aarch64.rpm nasm-debuginfo-2.15.05-6.oe2203sp1.aarch64.rpm nasm-debugsource-2.15.05-6.oe2203sp2.aarch64.rpm nasm-2.15.05-6.oe2203sp2.aarch64.rpm nasm-debuginfo-2.15.05-6.oe2203sp2.aarch64.rpm nasm-help-2.15.03-7.oe1.noarch.rpm nasm-help-2.15.03-7.oe1.noarch.rpm nasm-help-2.15.05-6.oe2203.noarch.rpm nasm-help-2.15.05-6.oe2203sp1.noarch.rpm nasm-help-2.15.05-6.oe2203sp2.noarch.rpm nasm-2.15.03-7.oe1.src.rpm nasm-2.15.03-7.oe1.src.rpm nasm-2.15.05-6.oe2203.src.rpm nasm-2.15.05-6.oe2203sp1.src.rpm nasm-2.15.05-6.oe2203sp2.src.rpm nasm-2.15.03-7.oe1.x86_64.rpm nasm-debuginfo-2.15.03-7.oe1.x86_64.rpm nasm-debugsource-2.15.03-7.oe1.x86_64.rpm nasm-debuginfo-2.15.03-7.oe1.x86_64.rpm nasm-debugsource-2.15.03-7.oe1.x86_64.rpm nasm-2.15.03-7.oe1.x86_64.rpm nasm-debugsource-2.15.05-6.oe2203.x86_64.rpm nasm-2.15.05-6.oe2203.x86_64.rpm nasm-debuginfo-2.15.05-6.oe2203.x86_64.rpm nasm-debugsource-2.15.05-6.oe2203sp1.x86_64.rpm nasm-debuginfo-2.15.05-6.oe2203sp1.x86_64.rpm nasm-2.15.05-6.oe2203sp1.x86_64.rpm nasm-debugsource-2.15.05-6.oe2203sp2.x86_64.rpm nasm-debuginfo-2.15.05-6.oe2203sp2.x86_64.rpm nasm-2.15.05-6.oe2203sp2.x86_64.rpm A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. 2023-09-15 CVE-2020-21528 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 Medium 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H nasm security update 2023-09-15 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1626