Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1563-1

Опубликовано: 06 июн. 2018
Источник: suse-cvrf

Описание

Security update for libvorbis

This update for libvorbis fixes the following issues:

The following security issue was fixed:

  • Fixed the validation of channels in mapping0_forward(), which previously allowed remote attackers to cause a denial of service via specially crafted files (CVE-2018-10392, bsc#1091070)

Список пакетов

SUSE Linux Enterprise Server 11 SP4
libvorbis-1.2.0-79.20.14.1
libvorbis-32bit-1.2.0-79.20.14.1
libvorbis-doc-1.2.0-79.20.14.1
libvorbis-x86-1.2.0-79.20.14.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libvorbis-1.2.0-79.20.14.1
libvorbis-32bit-1.2.0-79.20.14.1
libvorbis-doc-1.2.0-79.20.14.1
libvorbis-x86-1.2.0-79.20.14.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libvorbis-devel-1.2.0-79.20.14.1

Ссылки

Описание

mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libvorbis-1.2.0-79.20.14.1
SUSE Linux Enterprise Server 11 SP4:libvorbis-32bit-1.2.0-79.20.14.1
SUSE Linux Enterprise Server 11 SP4:libvorbis-doc-1.2.0-79.20.14.1
SUSE Linux Enterprise Server 11 SP4:libvorbis-x86-1.2.0-79.20.14.1
Ссылки