SUSE-SU-2018:3913-1

Опубликовано: 26 нояб. 2018

Источник: suse-cvrf

Описание

Security update for glib2

This update for glib2 fixes the following issues:

Security issues fixed:

CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121).
CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).

Non-security issue fixed:

various GVariant parsing issues have been resolved (bsc#1111499)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

glib2-devel-2.54.3-4.7.1

glib2-lang-2.54.3-4.7.1

glib2-tools-2.54.3-4.7.1

libgio-2_0-0-2.54.3-4.7.1

libgio-2_0-0-32bit-2.54.3-4.7.1

libglib-2_0-0-2.54.3-4.7.1

libglib-2_0-0-32bit-2.54.3-4.7.1

libgmodule-2_0-0-2.54.3-4.7.1

libgmodule-2_0-0-32bit-2.54.3-4.7.1

libgobject-2_0-0-2.54.3-4.7.1

libgobject-2_0-0-32bit-2.54.3-4.7.1

libgthread-2_0-0-2.54.3-4.7.1

SUSE Linux Enterprise Module for Package Hub 15

glib2-devel-32bit-2.54.3-4.7.1

glib2-tools-32bit-2.54.3-4.7.1

libgthread-2_0-0-32bit-2.54.3-4.7.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20183913-1/
Link for SUSE-SU-2018:3913-1
https://lists.suse.com/pipermail/sle-security-updates/2018-November/004892.html
E-Mail link for SUSE-SU-2018:3913-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1107116
SUSE Bug 1107116
https://bugzilla.suse.com/1107121
SUSE Bug 1107121
https://bugzilla.suse.com/1111499
SUSE Bug 1111499
https://www.suse.com/security/cve/CVE-2018-16428/
SUSE CVE CVE-2018-16428 page
https://www.suse.com/security/cve/CVE-2018-16429/
SUSE CVE CVE-2018-16429 page

Описание

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15:glib2-devel-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:glib2-lang-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:glib2-tools-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:libgio-2_0-0-2.54.3-4.7.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16428.html
CVE-2018-16428
https://bugzilla.suse.com/1107121
SUSE Bug 1107121

Описание

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15:glib2-devel-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:glib2-lang-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:glib2-tools-2.54.3-4.7.1

SUSE Linux Enterprise Module for Basesystem 15:libgio-2_0-0-2.54.3-4.7.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16429.html
CVE-2018-16429
https://bugzilla.suse.com/1107116
SUSE Bug 1107116

SUSE-SU-2018:3913-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

SUSE Linux Enterprise Module for Package Hub 15

Ссылки

Уязвимость: CVE-2018-16428

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2018-16429

Описание

Затронутые продукты

Ссылки