Описание
Security update for perl-DBI
This update for perl-DBI fixes the following issues:
- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).
Список пакетов
Container suse/rmt-mariadb:latest
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
perl-DBI-1.642-3.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
perl-DBI-1.642-3.6.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
perl-DBI-1.642-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
perl-DBI-1.642-3.6.1
Ссылки
- Link for SUSE-SU-2020:2828-1
- E-Mail link for SUSE-SU-2020:2828-1
- SUSE Security Ratings
- SUSE Bug 1176764
- SUSE CVE CVE-2019-20919 page
Описание
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
Затронутые продукты
Container suse/rmt-mariadb:latest:perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure:perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM:perl-DBI-1.642-3.6.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE:perl-DBI-1.642-3.6.1
Ссылки
- CVE-2019-20919
- SUSE Bug 1176764