Описание
Security update for sblim-sfcb
This update of sblim-sfcb fixes a potential NULL pointer crash in lookupProviders() (CVE-2015-5185).
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Desktop 11 SP4
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server 11 SP3
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server 11 SP3-TERADATA
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server 11 SP4
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server for SAP Applications 11 SP3
sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
sblim-sfcb-1.3.11-0.25.4
Ссылки
- Link for SUSE-SU-2015:2218-1
- E-Mail link for SUSE-SU-2015:2218-1
- SUSE Security Ratings
- SUSE Bug 942628
- SUSE CVE CVE-2015-5185 page
Описание
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Desktop 11 SP4:sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server 11 SP3-TERADATA:sblim-sfcb-1.3.11-0.25.4
SUSE Linux Enterprise Server 11 SP3:sblim-sfcb-1.3.11-0.25.4
Ссылки
- CVE-2015-5185
- SUSE Bug 942628