Описание
Security update for libmspack
This update for libmspack fixes the following issues:
Security issue fixed:
- CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure (bsc#1141680).
Other issue addressed:
- Enable build-time tests (bsc#1130489)
Список пакетов
Container rancher/elemental-teal-iso/5.4:latest
libmspack0-0.6-3.8.19
Container rancher/elemental-teal-rt/5.3:latest
libmspack0-0.6-3.8.19
Container rancher/elemental-teal-rt/5.4:latest
libmspack0-0.6-3.8.19
Container rancher/elemental-teal/5.3:latest
libmspack0-0.6-3.8.19
Container rancher/elemental-teal/5.4:latest
libmspack0-0.6-3.8.19
Container suse/sle-micro-rancher/5.2:latest
libmspack0-0.6-3.8.19
Container suse/sle-micro-rancher/5.3:latest
libmspack0-0.6-3.8.19
Container suse/sle-micro-rancher/5.4:latest
libmspack0-0.6-3.8.19
Container suse/sle-micro/5.5:latest
libmspack0-0.6-3.8.19
Image SLES15-SAP-Azure-LI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SAP-Azure-VLI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libmspack0-0.6-3.8.19
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libmspack0-0.6-3.8.19
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
libmspack0-0.6-3.8.19
Image SLES15-SP5-CHOST-BYOS-SAP-CCloud
libmspack0-0.6-3.8.19
SUSE Linux Enterprise Module for Basesystem 15 SP1
libmspack-devel-0.6-3.8.19
libmspack0-0.6-3.8.19
Ссылки
- Link for SUSE-SU-2020:1493-1
- E-Mail link for SUSE-SU-2020:1493-1
- SUSE Security Ratings
- SUSE Bug 1130489
- SUSE Bug 1141680
- SUSE CVE CVE-2019-1010305 page
Описание
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.
Затронутые продукты
Container rancher/elemental-teal-iso/5.4:latest:libmspack0-0.6-3.8.19
Container rancher/elemental-teal-rt/5.3:latest:libmspack0-0.6-3.8.19
Container rancher/elemental-teal-rt/5.4:latest:libmspack0-0.6-3.8.19
Container rancher/elemental-teal/5.3:latest:libmspack0-0.6-3.8.19
Ссылки
- CVE-2019-1010305
- SUSE Bug 1141680