SUSE-SU-2019:2339-2

Опубликовано: 12 сент. 2019

Источник: suse-cvrf

Описание

Security update for curl

This update for curl fixes the following issues:

Security issue fixed:

CVE-2019-5482: Fixed TFTP small blocksize heap buffer overflow (bsc#1149496).

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

libcurl4-7.37.0-37.43.1

Container suse/sles12sp3:latest

libcurl4-7.37.0-37.43.1

HPE Helion OpenStack 8

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Enterprise Storage 4

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Enterprise Storage 5

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server 12 SP1-LTSS

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server 12 SP2-BCL

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server 12 SP2-LTSS

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server 12 SP3-BCL

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server 12 SP3-LTSS

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE OpenStack Cloud 7

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE OpenStack Cloud 8

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

SUSE OpenStack Cloud Crowbar 8

curl-7.37.0-37.43.1

libcurl4-7.37.0-37.43.1

libcurl4-32bit-7.37.0-37.43.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20192339-2/
Link for SUSE-SU-2019:2339-2
https://www.suse.com/support/update/announcement/2019/suse-su-20192339-2.html
E-Mail link for SUSE-SU-2019:2339-2
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1149496
SUSE Bug 1149496
https://www.suse.com/security/cve/CVE-2019-5482/
SUSE CVE CVE-2019-5482 page

Описание

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Затронутые продукты

Container caasp/v4/nginx-ingress-controller:beta1:libcurl4-7.37.0-37.43.1

Container suse/sles12sp3:latest:libcurl4-7.37.0-37.43.1

HPE Helion OpenStack 8:curl-7.37.0-37.43.1

HPE Helion OpenStack 8:libcurl4-32bit-7.37.0-37.43.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-5482.html
CVE-2019-5482
https://bugzilla.suse.com/1149496
SUSE Bug 1149496
https://bugzilla.suse.com/1156634
SUSE Bug 1156634

SUSE-SU-2019:2339-2

Описание

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

Container suse/sles12sp3:latest

HPE Helion OpenStack 8

SUSE Enterprise Storage 4

SUSE Enterprise Storage 5

SUSE Linux Enterprise Server 12 SP1-LTSS

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 12 SP1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE OpenStack Cloud 7

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud Crowbar 8

Ссылки

Уязвимость: CVE-2019-5482

Описание

Затронутые продукты

Ссылки