SUSE-SU-2018:0631-1

Опубликовано: 07 мар. 2018

Источник: suse-cvrf

Описание

Security update for yaml-cpp

This update for yaml-cpp fixes the following issues:

CVE-2017-5950: Stack overflow in SingleDocParser::HandleNode() function (bsc#1032144)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Desktop 12 SP3

libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Workstation Extension 12 SP2

libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Workstation Extension 12 SP3

libyaml-cpp0_5-0.5.3-3.3.2

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20180631-1/
Link for SUSE-SU-2018:0631-1
https://lists.suse.com/pipermail/sle-security-updates/2018-March/003791.html
E-Mail link for SUSE-SU-2018:0631-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1032144
SUSE Bug 1032144
https://www.suse.com/security/cve/CVE-2017-5950/
SUSE CVE CVE-2017-5950 page

Описание

The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Desktop 12 SP3:libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Workstation Extension 12 SP2:libyaml-cpp0_5-0.5.3-3.3.2

SUSE Linux Enterprise Workstation Extension 12 SP3:libyaml-cpp0_5-0.5.3-3.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2017-5950.html
CVE-2017-5950
https://bugzilla.suse.com/1032144
SUSE Bug 1032144

SUSE-SU-2018:0631-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Workstation Extension 12 SP2

SUSE Linux Enterprise Workstation Extension 12 SP3

Ссылки

Уязвимость: CVE-2017-5950

Описание

Затронутые продукты

Ссылки