Описание
Security update for vorbis-tools
This update fixes the following security issue:
- A crafted raw file used as input could cause a segmentation fault (CVE-2014-9640, bsc#914938)
Список пакетов
SUSE Linux Enterprise Desktop 12
vorbis-tools-1.4.0-19.1
vorbis-tools-lang-1.4.0-19.1
SUSE Linux Enterprise Server 12
vorbis-tools-1.4.0-19.1
vorbis-tools-lang-1.4.0-19.1
SUSE Linux Enterprise Server for SAP Applications 12
vorbis-tools-1.4.0-19.1
vorbis-tools-lang-1.4.0-19.1
Ссылки
- Link for SUSE-SU-2015:0367-1
- E-Mail link for SUSE-SU-2015:0367-1
- SUSE Security Ratings
- SUSE Bug 914938
- SUSE CVE CVE-2014-9640 page
Описание
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:vorbis-tools-1.4.0-19.1
SUSE Linux Enterprise Desktop 12:vorbis-tools-lang-1.4.0-19.1
SUSE Linux Enterprise Server 12:vorbis-tools-1.4.0-19.1
SUSE Linux Enterprise Server 12:vorbis-tools-lang-1.4.0-19.1
Ссылки
- CVE-2014-9640
- SUSE Bug 912214
- SUSE Bug 914938
- SUSE Bug 919283