Описание
Security update for sblim-sfcb
This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185).
Список пакетов
SUSE Linux Enterprise Desktop 12
sblim-sfcb-1.4.8-5.3.3
SUSE Linux Enterprise Server 12
sblim-sfcb-1.4.8-5.3.3
SUSE Linux Enterprise Server for SAP Applications 12
sblim-sfcb-1.4.8-5.3.3
Ссылки
- Link for SUSE-SU-2015:2116-1
- E-Mail link for SUSE-SU-2015:2116-1
- SUSE Security Ratings
- SUSE Bug 942628
- SUSE CVE CVE-2015-5185 page
Описание
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:sblim-sfcb-1.4.8-5.3.3
SUSE Linux Enterprise Server 12:sblim-sfcb-1.4.8-5.3.3
SUSE Linux Enterprise Server for SAP Applications 12:sblim-sfcb-1.4.8-5.3.3
Ссылки
- CVE-2015-5185
- SUSE Bug 942628