Описание
Security update for graphviz
This update for graphviz fixes the following issues:
Security issue fixed:
- CVE-2019-11023: Fixed a denial of service vulnerability, which was caused by a NULL pointer dereference in agroot() (bsc#1132091).
Список пакетов
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
graphviz-2.40.1-6.3.2
graphviz-gd-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
graphviz-2.40.1-6.3.2
graphviz-gd-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
Image SLES15-SP3-SAP-BYOS-Azure
graphviz-2.40.1-6.3.2
graphviz-gd-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
Image SLES15-SP3-SAP-BYOS-EC2-HVM
graphviz-2.40.1-6.3.2
graphviz-gd-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
Image SLES15-SP3-SAP-BYOS-GCE
graphviz-2.40.1-6.3.2
graphviz-gd-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
SUSE Linux Enterprise High Availability Extension 15 SP1
graphviz-gd-2.40.1-6.3.2
graphviz-python-2.40.1-6.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
graphviz-2.40.1-6.3.2
graphviz-devel-2.40.1-6.3.2
graphviz-plugins-core-2.40.1-6.3.2
libgraphviz6-2.40.1-6.3.2
SUSE Linux Enterprise Module for Development Tools 15 SP1
graphviz-perl-2.40.1-6.3.2
SUSE Linux Enterprise Module for Server Applications 15 SP1
graphviz-tcl-2.40.1-6.3.2
Ссылки
- Link for SUSE-SU-2019:1267-2
- E-Mail link for SUSE-SU-2019:1267-2
- SUSE Security Ratings
- SUSE Bug 1132091
- SUSE CVE CVE-2019-11023 page
Описание
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:graphviz-2.40.1-6.3.2
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:graphviz-gd-2.40.1-6.3.2
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:graphviz-plugins-core-2.40.1-6.3.2
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libgraphviz6-2.40.1-6.3.2
Ссылки
- CVE-2019-11023
- SUSE Bug 1132091