SUSE-SU-2020:2225-1

Опубликовано: 13 авг. 2020

Источник: suse-cvrf

Описание

Security update for xerces-c

This update for xerces-c fixes the following issues:

CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions (bsc#1083630)

Список пакетов

SUSE Enterprise Storage 5

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP2-BCL

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP2-LTSS

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP3-BCL

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP3-LTSS

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP4-LTSS

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP5

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server for SAP Applications 12 SP3

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server for SAP Applications 12 SP4

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Software Development Kit 12 SP5

libxerces-c-devel-3.1.1-13.3.6

SUSE OpenStack Cloud 7

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE OpenStack Cloud 8

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE OpenStack Cloud 9

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE OpenStack Cloud Crowbar 9

libxerces-c-3_1-3.1.1-13.3.6

libxerces-c-3_1-32bit-3.1.1-13.3.6

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202225-1/
Link for SUSE-SU-2020:2225-1
https://lists.suse.com/pipermail/sle-security-updates/2020-August/007262.html
E-Mail link for SUSE-SU-2020:2225-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1083630
SUSE Bug 1083630
https://www.suse.com/security/cve/CVE-2017-12627/
SUSE CVE CVE-2017-12627 page

Описание

In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.

Затронутые продукты

SUSE Enterprise Storage 5:libxerces-c-3_1-3.1.1-13.3.6

SUSE Enterprise Storage 5:libxerces-c-3_1-32bit-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP2-BCL:libxerces-c-3_1-3.1.1-13.3.6

SUSE Linux Enterprise Server 12 SP2-BCL:libxerces-c-3_1-32bit-3.1.1-13.3.6

Ссылки

https://www.suse.com/security/cve/CVE-2017-12627.html
CVE-2017-12627
https://bugzilla.suse.com/1083630
SUSE Bug 1083630

SUSE-SU-2020:2225-1

Описание

Список пакетов

SUSE Enterprise Storage 5

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 7

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2017-12627

Описание

Затронутые продукты

Ссылки