SUSE-SU-2016:0061-1

Опубликовано: 08 янв. 2016

Источник: suse-cvrf

Описание

Security update for libpng12-0

security update: This update fixes the following securit issue:
- CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980]

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

SUSE Linux Enterprise Desktop 11 SP4

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

SUSE Linux Enterprise Server 11 SP3

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

libpng12-0-x86-1.2.31-5.38.1

SUSE Linux Enterprise Server 11 SP3-TERADATA

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

libpng12-0-x86-1.2.31-5.38.1

SUSE Linux Enterprise Server 11 SP4

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

libpng12-0-x86-1.2.31-5.38.1

SUSE Linux Enterprise Server for SAP Applications 11 SP3

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

libpng12-0-x86-1.2.31-5.38.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

libpng12-0-1.2.31-5.38.1

libpng12-0-32bit-1.2.31-5.38.1

libpng12-0-x86-1.2.31-5.38.1

SUSE Linux Enterprise Software Development Kit 11 SP3

libpng-devel-1.2.31-5.38.1

libpng-devel-32bit-1.2.31-5.38.1

SUSE Linux Enterprise Software Development Kit 11 SP4

libpng-devel-1.2.31-5.38.1

libpng-devel-32bit-1.2.31-5.38.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20160061-1/
Link for SUSE-SU-2016:0061-1
https://lists.suse.com/pipermail/sle-security-updates/2016-January/001790.html
E-Mail link for SUSE-SU-2016:0061-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/954980
SUSE Bug 954980
https://www.suse.com/security/cve/CVE-2015-8126/
SUSE CVE CVE-2015-8126 page

Описание

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

Затронутые продукты

SUSE Linux Enterprise Desktop 11 SP3:libpng12-0-1.2.31-5.38.1

SUSE Linux Enterprise Desktop 11 SP3:libpng12-0-32bit-1.2.31-5.38.1

SUSE Linux Enterprise Desktop 11 SP4:libpng12-0-1.2.31-5.38.1

SUSE Linux Enterprise Desktop 11 SP4:libpng12-0-32bit-1.2.31-5.38.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8126.html
CVE-2015-8126
https://bugzilla.suse.com/954980
SUSE Bug 954980
https://bugzilla.suse.com/958198
SUSE Bug 958198
https://bugzilla.suse.com/960402
SUSE Bug 960402
https://bugzilla.suse.com/962743
SUSE Bug 962743
https://bugzilla.suse.com/963937
SUSE Bug 963937
https://bugzilla.suse.com/969333
SUSE Bug 969333

SUSE-SU-2016:0061-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

SUSE Linux Enterprise Desktop 11 SP4

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP3

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP3

SUSE Linux Enterprise Software Development Kit 11 SP4

Ссылки

Уязвимость: CVE-2015-8126

Описание

Затронутые продукты

Ссылки