Описание
Security update for graphviz
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
Список пакетов
Image SLES15-SAP-Azure
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-Azure-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-Azure-LI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-Azure-VLI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-EC2-HVM
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-EC2-HVM-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-GCE
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-GCE-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SAP-OCI-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-Azure
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-Azure-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-EC2-HVM
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-EC2-HVM-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-GCE
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-GCE-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP1-SAP-OCI-BYOS
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-Azure
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-BYOS-Azure
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-BYOS-EC2-HVM
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-BYOS-GCE
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-EC2-HVM
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP2-SAP-GCE
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP3-SAP-BYOS-Azure
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP3-SAP-BYOS-EC2-HVM
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
Image SLES15-SP3-SAP-BYOS-GCE
graphviz-2.40.1-6.6.4
graphviz-gd-2.40.1-6.6.8
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
SUSE Linux Enterprise High Availability Extension 15
graphviz-gd-2.40.1-6.6.8
graphviz-python-2.40.1-6.6.8
SUSE Linux Enterprise High Availability Extension 15 SP1
graphviz-gd-2.40.1-6.6.8
graphviz-python-2.40.1-6.6.8
SUSE Linux Enterprise Module for Basesystem 15 SP1
graphviz-2.40.1-6.6.4
graphviz-devel-2.40.1-6.6.4
graphviz-plugins-core-2.40.1-6.6.4
libgraphviz6-2.40.1-6.6.4
SUSE Linux Enterprise Module for Development Tools 15 SP1
graphviz-perl-2.40.1-6.6.8
SUSE Linux Enterprise Module for Server Applications 15 SP1
graphviz-tcl-2.40.1-6.6.8
Ссылки
- Link for SUSE-SU-2020:2346-1
- E-Mail link for SUSE-SU-2020:2346-1
- SUSE Security Ratings
- SUSE Bug 1093447
- SUSE CVE CVE-2018-10196 page
Описание
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
Затронутые продукты
Image SLES15-SAP-Azure-BYOS:graphviz-2.40.1-6.6.4
Image SLES15-SAP-Azure-BYOS:graphviz-gd-2.40.1-6.6.8
Image SLES15-SAP-Azure-BYOS:graphviz-plugins-core-2.40.1-6.6.4
Image SLES15-SAP-Azure-BYOS:libgraphviz6-2.40.1-6.6.4
Ссылки
- CVE-2018-10196
- SUSE Bug 1093447