Описание
Security update for perl-DBI
This update for perl-DBI fixes the following issues:
Security issues fixed:
- CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated (bsc#1176412).
- CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name (bsc#1176409).
Список пакетов
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
perl-DBI-1.639-3.8.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
perl-DBI-1.639-3.8.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
perl-DBI-1.639-3.8.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
perl-DBI-1.639-3.8.1
SUSE Linux Enterprise Server 15-LTSS
perl-DBI-1.639-3.8.1
SUSE Linux Enterprise Server for SAP Applications 15
perl-DBI-1.639-3.8.1
Ссылки
- Link for SUSE-SU-2020:2645-1
- E-Mail link for SUSE-SU-2020:2645-1
- SUSE Security Ratings
- SUSE Bug 1176409
- SUSE Bug 1176412
- SUSE CVE CVE-2020-14392 page
- SUSE CVE CVE-2020-14393 page
Описание
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
Затронутые продукты
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:perl-DBI-1.639-3.8.1
Ссылки
- CVE-2020-14392
- SUSE Bug 1176412
Описание
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
Затронутые продукты
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy:perl-DBI-1.639-3.8.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:perl-DBI-1.639-3.8.1
Ссылки
- CVE-2020-14393
- SUSE Bug 1176409