SUSE-SU-2016:2618-1

Опубликовано: 24 окт. 2016

Источник: suse-cvrf

Описание

Security update for quagga

This update for quagga fixes the following issue:

CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code (bsc#1005258).

Список пакетов

SUSE Linux Enterprise Server 12 SP1

quagga-0.99.22.1-15.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

quagga-0.99.22.1-15.1

SUSE Linux Enterprise Software Development Kit 12 SP1

quagga-devel-0.99.22.1-15.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20162618-1/
Link for SUSE-SU-2016:2618-1
https://lists.suse.com/pipermail/sle-security-updates/2016-October/002350.html
E-Mail link for SUSE-SU-2016:2618-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1005258
SUSE Bug 1005258
https://www.suse.com/security/cve/CVE-2016-1245/
SUSE CVE CVE-2016-1245 page

Описание

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP1:quagga-0.99.22.1-15.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1:quagga-0.99.22.1-15.1

SUSE Linux Enterprise Software Development Kit 12 SP1:quagga-devel-0.99.22.1-15.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-1245.html
CVE-2016-1245
https://bugzilla.suse.com/1005258
SUSE Bug 1005258

SUSE-SU-2016:2618-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Software Development Kit 12 SP1

Ссылки

Уязвимость: CVE-2016-1245

Описание

Затронутые продукты

Ссылки