Описание
Security update for mgetty
This update for mgetty fixes the following issues:
- CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan() (bsc#1142770).
- Fixed a permission issue which have resulted in build failures (bsc#1168170).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP1
g3utils-1.1.37-3.8.1
mgetty-1.1.37-3.8.1
Ссылки
- Link for SUSE-SU-2020:0957-1
- E-Mail link for SUSE-SU-2020:0957-1
- SUSE Security Ratings
- SUSE Bug 1142770
- SUSE Bug 1168170
- SUSE CVE CVE-2019-1010190 page
Описание
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:g3utils-1.1.37-3.8.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:mgetty-1.1.37-3.8.1
Ссылки
- CVE-2019-1010190
- SUSE Bug 1142770