Описание
Security update for ed
This update for ed fixes the following security issue:
- CVE-2017-5357: An invalid free in the regular expression handling of the 'ed' command processing could allow local users to crash ed. (bsc#1019807)
Список пакетов
Image SLES12-SP4-SAP-Azure
ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure-BYOS
ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
ed-1.9-4.4.5
Image SLES12-SP4-SAP-EC2-HVM
ed-1.9-4.4.5
Image SLES12-SP4-SAP-EC2-HVM-BYOS
ed-1.9-4.4.5
Image SLES12-SP4-SAP-GCE
ed-1.9-4.4.5
Image SLES12-SP4-SAP-GCE-BYOS
ed-1.9-4.4.5
Image SLES12-SP4-SAP-OCI-BYOS
ed-1.9-4.4.5
Image SLES12-SP5-Azure-SAP-BYOS
ed-1.9-4.4.5
Image SLES12-SP5-Azure-SAP-On-Demand
ed-1.9-4.4.5
Image SLES12-SP5-EC2-SAP-BYOS
ed-1.9-4.4.5
Image SLES12-SP5-EC2-SAP-On-Demand
ed-1.9-4.4.5
Image SLES12-SP5-GCE-SAP-BYOS
ed-1.9-4.4.5
Image SLES12-SP5-GCE-SAP-On-Demand
ed-1.9-4.4.5
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
ed-1.9-4.4.5
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
ed-1.9-4.4.5
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
ed-1.9-4.4.5
SUSE Linux Enterprise Server 12 SP4
ed-1.9-4.4.5
SUSE Linux Enterprise Server 12 SP5
ed-1.9-4.4.5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ed-1.9-4.4.5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ed-1.9-4.4.5
Ссылки
- Link for SUSE-SU-2020:1608-1
- E-Mail link for SUSE-SU-2020:1608-1
- SUSE Security Ratings
- SUSE Bug 1019807
- SUSE CVE CVE-2017-5357 page
Описание
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:ed-1.9-4.4.5
Image SLES12-SP4-SAP-Azure:ed-1.9-4.4.5
Ссылки
- CVE-2017-5357
- SUSE Bug 1019807
- SUSE Bug 1148899
- SUSE Bug 1196769