SUSE-SU-2020:1297-1

Опубликовано: 18 мая 2020

Источник: suse-cvrf

Описание

Security update for libvpx

This update for libvpx fixes the following issues:

CVE-2020-0034: Fixed an out-of-bounds read on truncated key frames (bsc#1166066).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP1

libvpx4-1.6.1-6.6.8

SUSE Linux Enterprise Module for Desktop Applications 15 SP1

libvpx-devel-1.6.1-6.6.8

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20201297-1/
Link for SUSE-SU-2020:1297-1
https://lists.suse.com/pipermail/sle-security-updates/2020-May/006827.html
E-Mail link for SUSE-SU-2020:1297-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1166066
SUSE Bug 1166066
https://www.suse.com/security/cve/CVE-2020-0034/
SUSE CVE CVE-2020-0034 page

Описание

In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP1:libvpx4-1.6.1-6.6.8

SUSE Linux Enterprise Module for Desktop Applications 15 SP1:libvpx-devel-1.6.1-6.6.8

Ссылки

https://www.suse.com/security/cve/CVE-2020-0034.html
CVE-2020-0034
https://bugzilla.suse.com/1166066
SUSE Bug 1166066

SUSE-SU-2020:1297-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP1

SUSE Linux Enterprise Module for Desktop Applications 15 SP1

Ссылки

Уязвимость: CVE-2020-0034

Описание

Затронутые продукты

Ссылки