Описание
Security update for openslp
This update for openslp fixes the following issues:
- CVE-2017-17833: Prevent heap-related memory corruption issue which may have manifested itself as a denial-of-service or a remote code-execution vulnerability (bsc#1090638)
- Prevent out of bounds reads in message parsing
Список пакетов
SUSE Linux Enterprise Server 12 SP2-BCL
openslp-2.0.0-18.15.1
openslp-32bit-2.0.0-18.15.1
openslp-server-2.0.0-18.15.1
Ссылки
- Link for SUSE-SU-2018:2779-2
- E-Mail link for SUSE-SU-2018:2779-2
- SUSE Security Ratings
- SUSE Bug 1090638
- SUSE CVE CVE-2017-17833 page
Описание
OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:openslp-2.0.0-18.15.1
SUSE Linux Enterprise Server 12 SP2-BCL:openslp-32bit-2.0.0-18.15.1
SUSE Linux Enterprise Server 12 SP2-BCL:openslp-server-2.0.0-18.15.1
Ссылки
- CVE-2017-17833
- SUSE Bug 1090638
- SUSE Bug 1099519
- SUSE Bug 1126909