Описание
Security update for rzsz
This update for rzsz fixes the following issues:
- L3: sz of rzsz segfaults in zsdata() (bsc#1086416)
- VUL-0: CVE-2018-10195: rzsz: sz can leak data to receiving side (bsc#1090051)
- rzsz-0.12.20-976.7: illegal use of freed variable (bsc#529899)
- /usr/bin/lsb segfaults [rzsz] (bsc#1076576)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
rzsz-0.12.21~rc-936.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
rzsz-0.12.21~rc-936.3.1
Ссылки
- Link for SUSE-SU-2018:1070-1
- E-Mail link for SUSE-SU-2018:1070-1
- SUSE Security Ratings
- SUSE Bug 1076576
- SUSE Bug 1086416
- SUSE Bug 1090051
- SUSE Bug 529899
- SUSE CVE CVE-2018-10195 page
Описание
lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:rzsz-0.12.21~rc-936.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:rzsz-0.12.21~rc-936.3.1
Ссылки
- CVE-2018-10195
- SUSE Bug 1090051
- SUSE Bug 1149678