SUSE-SU-2018:2991-1

Опубликовано: 04 окт. 2018

Источник: suse-cvrf

Описание

Security update for openslp

This update for openslp fixes the following issues:

CVE-2017-17833: Prevent heap-related memory corruption issue which may have manifested itself as a denial-of-service or a remote code-execution vulnerability (bsc#1090638)
Prevent out of bounds reads in message parsing

Список пакетов

SUSE Enterprise Storage 4

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Desktop 12 SP3

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

SUSE Linux Enterprise Server 12 SP1-LTSS

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Server 12 SP2-LTSS

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Server 12 SP3

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Server 12-LTSS

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Software Development Kit 12 SP3

openslp-devel-2.0.0-18.17.1

SUSE OpenStack Cloud 7

openslp-2.0.0-18.17.1

openslp-32bit-2.0.0-18.17.1

openslp-server-2.0.0-18.17.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20182991-1/
Link for SUSE-SU-2018:2991-1
https://lists.suse.com/pipermail/sle-security-updates/2018-October/004639.html
E-Mail link for SUSE-SU-2018:2991-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1090638
SUSE Bug 1090638
https://www.suse.com/security/cve/CVE-2017-17833/
SUSE CVE CVE-2017-17833 page

Описание

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.

Затронутые продукты

SUSE Enterprise Storage 4:openslp-2.0.0-18.17.1

SUSE Enterprise Storage 4:openslp-32bit-2.0.0-18.17.1

SUSE Enterprise Storage 4:openslp-server-2.0.0-18.17.1

SUSE Linux Enterprise Desktop 12 SP3:openslp-2.0.0-18.17.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-17833.html
CVE-2017-17833
https://bugzilla.suse.com/1090638
SUSE Bug 1090638
https://bugzilla.suse.com/1099519
SUSE Bug 1099519
https://bugzilla.suse.com/1126909
SUSE Bug 1126909

SUSE-SU-2018:2991-1

Описание

Список пакетов

SUSE Enterprise Storage 4

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Server 12 SP1-LTSS

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Software Development Kit 12 SP3

SUSE OpenStack Cloud 7

Ссылки

Уязвимость: CVE-2017-17833

Описание

Затронутые продукты

Ссылки