Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:3078-1

Опубликовано: 24 нояб. 2017
Источник: suse-cvrf

Описание

Security update for liblouis

This update for liblouis fixes the following issues:

Security issues fixed:

  • CVE-2017-15101: Buffer overflow in findTable (bsc#1067336).
  • CVE-2014-8184: stack-based buffer overflow in findTable() (bsc#1062458).

Список пакетов

SUSE Linux Enterprise Server 11 SP4
liblouis-1.7.0-1.3.6.1
liblouis0-1.7.0-1.3.6.1
python-louis-1.7.0-1.3.6.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
liblouis-1.7.0-1.3.6.1
liblouis0-1.7.0-1.3.6.1
python-louis-1.7.0-1.3.6.1

Ссылки

Описание

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.6.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.6.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.6.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.6.1
Ссылки

Описание

A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:liblouis-1.7.0-1.3.6.1
SUSE Linux Enterprise Server 11 SP4:liblouis0-1.7.0-1.3.6.1
SUSE Linux Enterprise Server 11 SP4:python-louis-1.7.0-1.3.6.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:liblouis-1.7.0-1.3.6.1
Ссылки