Описание
Security update for sane-backends
This update for sane-backends fixes the following issues:
- saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory (CVE-2017-6318, bsc#1027197).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
sane-backends-1.0.20-7.8.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
sane-backends-1.0.20-7.8.1
SUSE Linux Enterprise Software Development Kit 11 SP4
sane-backends-32bit-1.0.20-7.8.1
sane-backends-autoconfig-1.0.20-7.8.1
sane-backends-x86-1.0.20-7.8.1
Ссылки
- Link for SUSE-SU-2017:0717-1
- E-Mail link for SUSE-SU-2017:0717-1
- SUSE Security Ratings
- SUSE Bug 1027197
- SUSE CVE CVE-2017-6318 page
Описание
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:sane-backends-1.0.20-7.8.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:sane-backends-1.0.20-7.8.1
SUSE Linux Enterprise Software Development Kit 11 SP4:sane-backends-32bit-1.0.20-7.8.1
SUSE Linux Enterprise Software Development Kit 11 SP4:sane-backends-autoconfig-1.0.20-7.8.1
Ссылки
- CVE-2017-6318
- SUSE Bug 1027197