Описание
Security update for rrdtool
This update for rrdtool provides the following fixes:
- CVE-2013-2131: Enhance imginfo format validation checks to prevent crashes. (bsc#828003)
- Add rrdtool-cached sub-package to SLE 12-SP1. (bsc#967671)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Desktop 12 SP2
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Server 12 SP1
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Server 12 SP2
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
rrdtool-1.4.7-20.1
rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Software Development Kit 12 SP1
rrdtool-devel-1.4.7-20.1
SUSE Linux Enterprise Software Development Kit 12 SP2
rrdtool-devel-1.4.7-20.1
Ссылки
- Link for SUSE-SU-2017:0103-1
- E-Mail link for SUSE-SU-2017:0103-1
- SUSE Security Ratings
- SUSE Bug 828003
- SUSE Bug 967671
- SUSE CVE CVE-2013-2131 page
Описание
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:rrdtool-1.4.7-20.1
SUSE Linux Enterprise Desktop 12 SP1:rrdtool-cached-1.4.7-20.1
SUSE Linux Enterprise Desktop 12 SP2:rrdtool-1.4.7-20.1
SUSE Linux Enterprise Desktop 12 SP2:rrdtool-cached-1.4.7-20.1
Ссылки
- CVE-2013-2131
- SUSE Bug 828003