SUSE-SU-2018:1037-1

Опубликовано: 20 апр. 2018

Источник: suse-cvrf

Описание

Security update for zsh

This update for zsh fixes the following issues:

CVE-2018-1100: Fixed a buffer overflow in utils.c:checkmailpath() that could lead to local arbitrary code execution ( bsc#1089030)

Список пакетов

SUSE Linux Enterprise Server 11 SP4

zsh-4.3.6-67.9.3.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

zsh-4.3.6-67.9.3.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20181037-1/
Link for SUSE-SU-2018:1037-1
https://lists.suse.com/pipermail/sle-security-updates/2018-April/003952.html
E-Mail link for SUSE-SU-2018:1037-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1089030
SUSE Bug 1089030
https://www.suse.com/security/cve/CVE-2018-1100/
SUSE CVE CVE-2018-1100 page

Описание

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

Затронутые продукты

SUSE Linux Enterprise Server 11 SP4:zsh-4.3.6-67.9.3.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:zsh-4.3.6-67.9.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-1100.html
CVE-2018-1100
https://bugzilla.suse.com/1089030
SUSE Bug 1089030
https://bugzilla.suse.com/1189668
SUSE Bug 1189668

SUSE-SU-2018:1037-1

Описание

Список пакетов

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

Ссылки

Уязвимость: CVE-2018-1100

Описание

Затронутые продукты

Ссылки