Описание
Security update for firebird
This update for firebird fixes the following security issues:
- CVE-2017-6369: Insufficient checks in the UDF subsystem in Firebird allowed remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so (bsc#1023990).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Desktop 12 SP2
libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Software Development Kit 12 SP1
firebird-devel-2.5.2.26539-15.1
libfbembed-devel-2.5.2.26539-15.1
libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Software Development Kit 12 SP2
libfbembed-devel-2.5.2.26539-15.1
libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Workstation Extension 12 SP1
libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Workstation Extension 12 SP2
libfbembed2_5-2.5.2.26539-15.1
Ссылки
- Link for SUSE-SU-2017:1156-1
- E-Mail link for SUSE-SU-2017:1156-1
- SUSE Security Ratings
- SUSE Bug 1023990
- SUSE CVE CVE-2017-6369 page
Описание
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Desktop 12 SP2:libfbembed2_5-2.5.2.26539-15.1
SUSE Linux Enterprise Software Development Kit 12 SP1:firebird-devel-2.5.2.26539-15.1
SUSE Linux Enterprise Software Development Kit 12 SP1:libfbembed-devel-2.5.2.26539-15.1
Ссылки
- CVE-2017-6369
- SUSE Bug 1023990