exploitDog

SUSE-SU-2019:3033-1

Опубликовано: 21 нояб. 2019

Источник: suse-cvrf

Описание

Security update for djvulibre

This update for djvulibre fixes the following issues:

Security issue fixed:

CVE-2019-18804: Fixed a null pointer dereference (bsc#1156188).

Other issue addressed:

Fixed a crash when mmx was enabled (bsc#1154401)

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15

libdjvulibre-devel-3.5.27-3.8.1

libdjvulibre21-3.5.27-3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP1

libdjvulibre-devel-3.5.27-3.8.1

libdjvulibre21-3.5.27-3.8.1

SUSE Linux Enterprise Module for Package Hub 15

djvulibre-3.5.27-3.8.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20193033-1/
Link for SUSE-SU-2019:3033-1
https://lists.suse.com/pipermail/sle-security-updates/2019-November/006161.html
E-Mail link for SUSE-SU-2019:3033-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1154401
SUSE Bug 1154401
https://bugzilla.suse.com/1156188
SUSE Bug 1156188
https://www.suse.com/security/cve/CVE-2019-18804/
SUSE CVE CVE-2019-18804 page

Описание

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libdjvulibre-devel-3.5.27-3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libdjvulibre21-3.5.27-3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15:libdjvulibre-devel-3.5.27-3.8.1

SUSE Linux Enterprise Module for Desktop Applications 15:libdjvulibre21-3.5.27-3.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-18804.html
CVE-2019-18804
https://bugzilla.suse.com/1156188
SUSE Bug 1156188

Уязвимость SUSE-SU-2019:3033-1