SUSE-SU-2019:0996-1

Опубликовано: 23 апр. 2019

Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

Security issue fixed:

CVE-2018-16839: Fixed a buffer overflow in the SASL authentication code (bsc#1112758).

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

libcurl4-7.37.0-37.37.1

Container suse/sles12sp3:latest

libcurl4-7.37.0-37.37.1

SUSE Enterprise Storage 4

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Desktop 12 SP3

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server 12 SP1-LTSS

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server 12 SP2-BCL

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server 12 SP2-LTSS

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server 12 SP3

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server 12-LTSS

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

SUSE Linux Enterprise Software Development Kit 12 SP3

libcurl-devel-7.37.0-37.37.1

SUSE OpenStack Cloud 7

curl-7.37.0-37.37.1

libcurl4-7.37.0-37.37.1

libcurl4-32bit-7.37.0-37.37.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20190996-1/
Link for SUSE-SU-2019:0996-1
https://lists.suse.com/pipermail/sle-security-updates/2019-April/005352.html
E-Mail link for SUSE-SU-2019:0996-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1112758
SUSE Bug 1112758
https://bugzilla.suse.com/1131886
SUSE Bug 1131886
https://www.suse.com/security/cve/CVE-2018-16839/
SUSE CVE CVE-2018-16839 page

Описание

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

Затронутые продукты

Container caasp/v4/nginx-ingress-controller:beta1:libcurl4-7.37.0-37.37.1

Container suse/sles12sp3:latest:libcurl4-7.37.0-37.37.1

SUSE Enterprise Storage 4:curl-7.37.0-37.37.1

SUSE Enterprise Storage 4:libcurl4-32bit-7.37.0-37.37.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16839.html
CVE-2018-16839
https://bugzilla.suse.com/1112758
SUSE Bug 1112758
https://bugzilla.suse.com/1113029
SUSE Bug 1113029
https://bugzilla.suse.com/1131886
SUSE Bug 1131886

SUSE-SU-2019:0996-1

Описание

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

Container suse/sles12sp3:latest

SUSE Enterprise Storage 4

SUSE Linux Enterprise Desktop 12 SP3

SUSE Linux Enterprise Server 12 SP1-LTSS

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Software Development Kit 12 SP3

SUSE OpenStack Cloud 7

Ссылки

Уязвимость: CVE-2018-16839

Описание

Затронутые продукты

Ссылки