Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2590-1

Опубликовано: 28 сент. 2017
Источник: suse-cvrf

Описание

Security update for liblouis

This update for liblouis fixes several issues.

These security issues were fixed:

  • CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable() that could have caused DoS or remote code execution (bsc#1056101)
  • CVE-2017-13740: Prevent stack-based buffer overflow in the function parseChars() that could have caused DoS or possibly unspecified other impact (bsc#1056097) ()
  • CVE-2017-13741: Prevent use-after-free in function compileBrailleIndicator() that allowed to cause remote DoS (bsc#1056095)
  • CVE_2017-13742: Prevent stack-based buffer overflow in function includeFile that allowed to cause remote DoS (bsc#1056093).
  • CVE-2017-13743: Prevent buffer overflow triggered in the function _lou_showString() that allowed to cause remote DoS (bsc#1056090)

Список пакетов

SUSE Linux Enterprise Server 11 SP4
liblouis-1.7.0-1.3.3.1
liblouis0-1.7.0-1.3.3.1
python-louis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
liblouis-1.7.0-1.3.3.1
liblouis0-1.7.0-1.3.3.1
python-louis-1.7.0-1.3.3.1

Ссылки

Описание

There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.3.1
Ссылки

Описание

There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.3.1
Ссылки

Описание

There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.3.1
Ссылки

Описание

There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.3.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.3.1
Ссылки