SUSE-SU-2015:2172-1

Опубликовано: 02 дек. 2015

Источник: suse-cvrf

Описание

Security update for orca

This orca update fixes the following security issue.

Don't try to import modules from current working directory (bsc#916835, CVE-2013-4245).

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Desktop 11 SP4

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Server 11 SP3

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Server 11 SP3-TERADATA

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Server 11 SP4

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Server for SAP Applications 11 SP3

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Server for SAP Applications 11 SP4

orca-2.28.3-0.5.10

orca-lang-2.28.3-0.5.10

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20152172-1/
Link for SUSE-SU-2015:2172-1
https://lists.suse.com/pipermail/sle-security-updates/2015-December/001710.html
E-Mail link for SUSE-SU-2015:2172-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/916835
SUSE Bug 916835
https://www.suse.com/security/cve/CVE-2013-4245/
SUSE CVE CVE-2013-4245 page

Описание

Orca has arbitrary code execution due to insecure Python module load

Затронутые продукты

SUSE Linux Enterprise Desktop 11 SP3:orca-2.28.3-0.5.10

SUSE Linux Enterprise Desktop 11 SP3:orca-lang-2.28.3-0.5.10

SUSE Linux Enterprise Desktop 11 SP4:orca-2.28.3-0.5.10

SUSE Linux Enterprise Desktop 11 SP4:orca-lang-2.28.3-0.5.10

Ссылки

https://www.suse.com/security/cve/CVE-2013-4245.html
CVE-2013-4245
https://bugzilla.suse.com/916835
SUSE Bug 916835

SUSE-SU-2015:2172-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

SUSE Linux Enterprise Desktop 11 SP4

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP3

SUSE Linux Enterprise Server for SAP Applications 11 SP4

Ссылки

Уязвимость: CVE-2013-4245

Описание

Затронутые продукты

Ссылки