A wdiff security update has been released for SUSE Linux Enterprise 15 SP4.

openSUSE-SU-2022:10031-1: moderate: Security update for wdiff

openSUSE Security Update: Security update for wdiff
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:10031-1
Rating: moderate
References:
Cross-References: CVE-2012-3386
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for wdiff fixes the following issues:

This update ships wdiff.

Updated to 1.2.2:

* Updated Vietnamese, Swedish, Estonian, Chinese (traditional),
Brazilian Portuguese and Russian translations.
* Updated gnulib.
* Used more recent autotools: autoconf 2.69 and automake 1.14.1.

updated to 1.2.1:

* Added Esperanto translation.
* Updated Czech, German, Spanish, Finnish, Galician, Italian, Dutch,
Polish, Slovenian, Serbian, Swedish, Ukrainian and Vietnamese
translations.
* Updated gnulib.
* Recreated build system using recent versions of autotools. This will
avoid security issues in "make distcheck" target. (CVE-2012-3386)

updated to 1.1.2:

* Backport gnulib change to deal with removal of gets function. This is
a build-time-only fix. (Mentioned in Fedora bug #821791)
* Added Serbian translation.
* Updated Danish and Vietnamese translations.
* Work around a bug in the formatting of the man page. (Debian bug
#669340)
* Updated Czech, German, Spanish, Finnish, Dutch, Polish, Slovenian,
Swedish and Ukrainian translations.
* Fix several issue with the use of screen in the test suite.
* Allow WDIFF_PAGER to override PAGER environment variable.
* Do not autodetect less, so we don't auto-enable less-mode. This should
improve things for UTF8 text. (Savannah bug #34224) Less-mode is
considered deprecated, as it isn't fit for multi-byte encodings.
Nevertheless it can still be enabled on the command line.
* Introduces use of ngettext to allow correct handling of plural forms

updated to 1.0.1:

* Updated Polish, Ukrainian, Slovenian, Dutch, Finnish, Swedish and
Czech translations
* Changed major version to 1 to reflect maturity of the package
* Updated Dutch, French, Danish and Slovenian translations
* Added Ukrainian translation
* Improved error reporting in case a child process has problems
* Added tests to the test suite
* Updated gnulib

updated to 0.6.5:

* Never initialize or deinitialize terminals, as we do no cursor movement
* Deprecated --no-init-term (-K) command line option
* Avoid relative path in man pages
* Updated gnulib, might be particularly important for uClibc users

updated to 0.6.4:

* Updated Catalan translations
* Updated gnulib

update to 0.6.3:

* `wdiff -d' to read input from single unified diff, perhaps stdin.
* Updated texinfo documentation taking experimental switch into account.
* Experimental programs (mdiff & friends) and a configure switch
--enable-experimental to control them.
* Recent imports from gnulib, use of recent autotools.
* Improved autodetection of termcap library like ncurses.
* Reformatted translations, still a number of fuzzy translations.
* Changed from CVS to bzr for source code version control.
* Various bug fixes. See ChangeLog for a more exhaustive list.
* Introduce --with-default-pager=PAGER configure switch.
* Fix missing newline in info dir entry list.
* Fix shell syntax in configure script
* Updated gnulib and gettext, the latter to 0.18
* Updated Dutch translation
* Fixed a number of portability issues reported by maint.mk syntax checks
* Updated Italian and Swedish translations
* Updated gnulib

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4:

zypper in -t patch openSUSE-2022-10031=1


Package List:

- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):

wdiff-1.2.2-bp154.2.1

- openSUSE Backports SLE-15-SP4 (noarch):

wdiff-lang-1.2.2-bp154.2.1

References:

  https://www.suse.com/security/cve/CVE-2012-3386.html