Описание
Security update for libmspack
libmspack was updated to fix one security issue.
This security issue was fixed:
- Possible DoS by infinite loop (bnc#912214, CVE-2014-9556)
The previous fix was not fully fixing this problem.
Список пакетов
SUSE Linux Enterprise Desktop 12
libmspack0-0.4-10.1
SUSE Linux Enterprise Server 12
libmspack0-0.4-10.1
SUSE Linux Enterprise Server for SAP Applications 12
libmspack0-0.4-10.1
SUSE Linux Enterprise Software Development Kit 12
libmspack-devel-0.4-10.1
Ссылки
- Link for SUSE-SU-2015:0506-1
- E-Mail link for SUSE-SU-2015:0506-1
- SUSE Security Ratings
- SUSE Bug 912214
- SUSE CVE CVE-2014-9556 page
Описание
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:libmspack0-0.4-10.1
SUSE Linux Enterprise Server 12:libmspack0-0.4-10.1
SUSE Linux Enterprise Server for SAP Applications 12:libmspack0-0.4-10.1
SUSE Linux Enterprise Software Development Kit 12:libmspack-devel-0.4-10.1
Ссылки
- CVE-2014-9556
- SUSE Bug 912214
- SUSE Bug 919283
- SUSE Bug 934533