SUSE-SU-2019:0806-1

Опубликовано: 29 мар. 2019

Источник: suse-cvrf

Описание

Security update for sysstat

This update for sysstat fixes the following issues:

Security issues fixed:

CVE-2018-19416: Fixed out-of-bounds read during a memmove call inside the remap_struct function (bsc#1117001).
CVE-2018-19517: Fixed out-of-bounds read during a memset call inside the remap_struct function (bsc#1117260).

Список пакетов

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest

sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.2:latest

sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.3:latest

sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.4:latest

sysstat-12.0.2-3.6.12

Container suse/sle-micro/5.5:latest

sysstat-12.0.2-3.6.12

Image SLES15-SP3-EC2-HVM

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-BYOS-EC2-HVM

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-EC2-HVM

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAP-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAPCAL-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAPCAL-EC2-HVM

sysstat-12.0.2-3.6.12

Image SLES15-SP3-SAPCAL-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Azure-LI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Azure-VLI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAP-Hardened-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAPCAL

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAPCAL-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAPCAL-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP4-SAPCAL-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure-3P

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure-LI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure-VLI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAP-Hardened-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAPCAL-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAPCAL-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP5-SAPCAL-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure-3P

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure-LI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure-LI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure-VLI-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-BYOS

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAP-Hardened-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAPCAL

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAPCAL-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAPCAL-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP6-SAPCAL-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Azure-3P

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Azure-LI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Hardened-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Hardened-BYOS-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Hardened-BYOS-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Hardened-BYOS-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAP-Hardened-GCE

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAPCAL-Azure

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAPCAL-EC2

sysstat-12.0.2-3.6.12

Image SLES15-SP7-SAPCAL-GCE

sysstat-12.0.2-3.6.12

SUSE Linux Enterprise Module for Basesystem 15

sysstat-12.0.2-3.6.12

SUSE Linux Enterprise Module for Server Applications 15

sysstat-isag-12.0.2-3.6.12

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20190806-1/
Link for SUSE-SU-2019:0806-1
https://lists.suse.com/pipermail/sle-security-updates/2019-March/005263.html
E-Mail link for SUSE-SU-2019:0806-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1117001
SUSE Bug 1117001
https://bugzilla.suse.com/1117260
SUSE Bug 1117260
https://www.suse.com/security/cve/CVE-2018-19416/
SUSE CVE CVE-2018-19416 page
https://www.suse.com/security/cve/CVE-2018-19517/
SUSE CVE CVE-2018-19517 page

Описание

An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.

Затронутые продукты

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.2:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.3:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.4:latest:sysstat-12.0.2-3.6.12

Ссылки

https://www.suse.com/security/cve/CVE-2018-19416.html
CVE-2018-19416
https://bugzilla.suse.com/1117001
SUSE Bug 1117001

Описание

An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memset call, as demonstrated by sadf.

Затронутые продукты

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.2:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.3:latest:sysstat-12.0.2-3.6.12

Container suse/sle-micro-rancher/5.4:latest:sysstat-12.0.2-3.6.12

Ссылки

https://www.suse.com/security/cve/CVE-2018-19517.html
CVE-2018-19517
https://bugzilla.suse.com/1117260
SUSE Bug 1117260