SUSE-SU-2017:2141-1

Опубликовано: 11 авг. 2017

Источник: suse-cvrf

Описание

Security update for libxml2

This update for libxml2 fixes the following issues:

Security issues fixed:

CVE-2017-8872: Out-of-bounds read in htmlParseTryOrFinish. (bsc#1038444)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Desktop 12 SP3

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Server 12 SP2

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-doc-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Server 12 SP3

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-doc-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

libxml2-2-2.9.4-46.3.2

libxml2-doc-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-doc-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

libxml2-2-2.9.4-46.3.2

libxml2-2-32bit-2.9.4-46.3.2

libxml2-doc-2.9.4-46.3.2

libxml2-tools-2.9.4-46.3.2

python-libxml2-2.9.4-46.3.2

SUSE Linux Enterprise Software Development Kit 12 SP2

libxml2-devel-2.9.4-46.3.2

SUSE Linux Enterprise Software Development Kit 12 SP3

libxml2-devel-2.9.4-46.3.2

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20172141-1/
Link for SUSE-SU-2017:2141-1
https://lists.suse.com/pipermail/sle-security-updates/2017-August/003130.html
E-Mail link for SUSE-SU-2017:2141-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1038444
SUSE Bug 1038444
https://www.suse.com/security/cve/CVE-2017-8872/
SUSE CVE CVE-2017-8872 page

Описание

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:libxml2-2-2.9.4-46.3.2

SUSE Linux Enterprise Desktop 12 SP2:libxml2-2-32bit-2.9.4-46.3.2

SUSE Linux Enterprise Desktop 12 SP2:libxml2-tools-2.9.4-46.3.2

SUSE Linux Enterprise Desktop 12 SP2:python-libxml2-2.9.4-46.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2017-8872.html
CVE-2017-8872
https://bugzilla.suse.com/1038444
SUSE Bug 1038444
https://bugzilla.suse.com/1123919
SUSE Bug 1123919

SUSE-SU-2017:2141-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Server 12 SP2

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Software Development Kit 12 SP2

SUSE Linux Enterprise Software Development Kit 12 SP3

Ссылки

Уязвимость: CVE-2017-8872

Описание

Затронутые продукты

Ссылки