Описание
Security update for perl-DBI
This update for perl-DBI fixes the following issues:
- CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile (bsc#1176764).
- CVE-2013-7490: Fixed memory corruption when using many arguments to methods for CallbacksUsing (bsc#1176496).
Список пакетов
HPE Helion OpenStack 8
perl-DBI-1.628-5.6.1
SUSE Enterprise Storage 5
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-BCL
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-LTSS
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP3-BCL
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP3-LTSS
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP4-LTSS
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP5
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
perl-DBI-1.628-5.6.1
SUSE OpenStack Cloud 7
perl-DBI-1.628-5.6.1
SUSE OpenStack Cloud 8
perl-DBI-1.628-5.6.1
SUSE OpenStack Cloud 9
perl-DBI-1.628-5.6.1
SUSE OpenStack Cloud Crowbar 8
perl-DBI-1.628-5.6.1
SUSE OpenStack Cloud Crowbar 9
perl-DBI-1.628-5.6.1
Ссылки
- Link for SUSE-SU-2020:2856-1
- E-Mail link for SUSE-SU-2020:2856-1
- SUSE Security Ratings
- SUSE Bug 1176496
- SUSE Bug 1176764
- SUSE CVE CVE-2013-7490 page
- SUSE CVE CVE-2019-20919 page
Описание
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
Затронутые продукты
HPE Helion OpenStack 8:perl-DBI-1.628-5.6.1
SUSE Enterprise Storage 5:perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-BCL:perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-LTSS:perl-DBI-1.628-5.6.1
Ссылки
- CVE-2013-7490
- SUSE Bug 1176496
Описание
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
Затронутые продукты
HPE Helion OpenStack 8:perl-DBI-1.628-5.6.1
SUSE Enterprise Storage 5:perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-BCL:perl-DBI-1.628-5.6.1
SUSE Linux Enterprise Server 12 SP2-LTSS:perl-DBI-1.628-5.6.1
Ссылки
- CVE-2019-20919
- SUSE Bug 1176764