Описание
Security update for libxslt
This update for libxslt fixes the following issues:
Security issue fixed:
- CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead() and xsltCheckWrite() would permit access upon receiving an error (bsc#1132160).
Список пакетов
Container ses/7.1/cephcsi/cephcsi:latest
libxslt1-1.1.32-3.3.1
Container ses/7.1/rook/ceph:latest
libxslt1-1.1.32-3.3.1
Container ses/7/ceph/ceph:latest
libxslt1-1.1.32-3.3.1
Container ses/7/cephcsi/cephcsi:latest
libxslt1-1.1.32-3.3.1
Container ses/7/rook/ceph:latest
libxslt1-1.1.32-3.3.1
Container suse/rmt-nginx:latest
libxslt1-1.1.32-3.3.1
Container suse/rmt-server:latest
libxslt1-1.1.32-3.3.1
Container suse/sle-micro-rancher/5.2:latest
libxslt1-1.1.32-3.3.1
Container suse/sles/15.3/libguestfs-tools:0.45.0
libxslt1-1.1.32-3.3.1
Image SLES15-Azure-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-EC2-HVM-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-GCE-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-Azure-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-Azure-LI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-EC2-HVM-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-GCE-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SAP-OCI-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Azure-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Azure-HPC-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-CAP-Deployment-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-CAP-Deployment-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-EC2-HPC-HVM-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-GCE-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-Azure-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-EC2-HVM-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-GCE-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAP-OCI-BYOS
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAPCAL-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAPCAL-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP1-SAPCAL-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Azure-Basic
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Azure-Standard
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-CAP-Deployment-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-EC2-ECS-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-HPC-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-HPC-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP2-SAP-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-CHOST-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-CHOST-BYOS-EC2
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-CHOST-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-EC2-ECS-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-HPC-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-HPC-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-HPC-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-BYOS-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-BYOS-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAP-GCE
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAPCAL-Azure
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libxslt1-1.1.32-3.3.1
Image SLES15-SP3-SAPCAL-GCE
libxslt1-1.1.32-3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libxslt-devel-1.1.32-3.3.1
libxslt-tools-1.1.32-3.3.1
libxslt1-1.1.32-3.3.1
Ссылки
- Link for SUSE-SU-2019:1221-2
- E-Mail link for SUSE-SU-2019:1221-2
- SUSE Security Ratings
- SUSE Bug 1132160
- SUSE CVE CVE-2019-11068 page
Описание
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
Затронутые продукты
Container ses/7.1/cephcsi/cephcsi:latest:libxslt1-1.1.32-3.3.1
Container ses/7.1/rook/ceph:latest:libxslt1-1.1.32-3.3.1
Container ses/7/ceph/ceph:latest:libxslt1-1.1.32-3.3.1
Container ses/7/cephcsi/cephcsi:latest:libxslt1-1.1.32-3.3.1
Ссылки
- CVE-2019-11068
- SUSE Bug 1132160
- SUSE Bug 1154212