SUSE-SU-2018:0465-1

Опубликовано: 16 фев. 2018

Источник: suse-cvrf

Описание

Security update for unzip

This update for unzip fixes the following issues:

CVE-2018-1000035: Fixed a heap-based buffer overflow in password protected ZIP archives (bsc#1080074)

Список пакетов

SUSE Linux Enterprise Server 11 SP4

unzip-6.00-11.18.3.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

unzip-6.00-11.18.3.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20180465-1/
Link for SUSE-SU-2018:0465-1
https://lists.suse.com/pipermail/sle-security-updates/2018-February/003738.html
E-Mail link for SUSE-SU-2018:0465-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1080074
SUSE Bug 1080074
https://www.suse.com/security/cve/CVE-2018-1000035/
SUSE CVE CVE-2018-1000035 page

Описание

A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.

Затронутые продукты

SUSE Linux Enterprise Server 11 SP4:unzip-6.00-11.18.3.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:unzip-6.00-11.18.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-1000035.html
CVE-2018-1000035
https://bugzilla.suse.com/1076531
SUSE Bug 1076531
https://bugzilla.suse.com/1080074
SUSE Bug 1080074
https://bugzilla.suse.com/1149684
SUSE Bug 1149684
https://bugzilla.suse.com/1159417
SUSE Bug 1159417
https://bugzilla.suse.com/1196768
SUSE Bug 1196768

SUSE-SU-2018:0465-1

Описание

Список пакетов

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

Ссылки

Уязвимость: CVE-2018-1000035

Описание

Затронутые продукты

Ссылки