SUSE-SU-2020:2998-1

Опубликовано: 22 окт. 2020

Источник: suse-cvrf

Описание

Security update for freetype2

This update for freetype2 fixes the following issues:

CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps (bsc#1177914).

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

libfreetype6-2.6.3-7.18.1

HPE Helion OpenStack 8

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

Image SLES12-SP4-Azure-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-EC2-HVM-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-GCE-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-OCI-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-Azure

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-Azure-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-EC2-HVM

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-EC2-HVM-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-GCE

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-GCE-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP4-SAP-OCI-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-Basic-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-HPC-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-HPC-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-SAP-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-SAP-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-Azure-Standard-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-EC2-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-EC2-ECS-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-EC2-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-EC2-SAP-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-EC2-SAP-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-GCE-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-GCE-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-GCE-SAP-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-GCE-SAP-On-Demand

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-OCI-BYOS-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-OCI-BYOS-SAP-BYOS

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

libfreetype6-2.6.3-7.18.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

libfreetype6-2.6.3-7.18.1

SUSE Enterprise Storage 5

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP2-BCL

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP2-LTSS

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP3-BCL

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP3-LTSS

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP4-LTSS

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server 12 SP5

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE Linux Enterprise Software Development Kit 12 SP5

freetype2-devel-2.6.3-7.18.1

SUSE OpenStack Cloud 7

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE OpenStack Cloud 8

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE OpenStack Cloud 9

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE OpenStack Cloud Crowbar 8

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

SUSE OpenStack Cloud Crowbar 9

ft2demos-2.6.3-7.18.1

libfreetype6-2.6.3-7.18.1

libfreetype6-32bit-2.6.3-7.18.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202998-1/
Link for SUSE-SU-2020:2998-1
https://lists.suse.com/pipermail/sle-security-updates/2020-October/007609.html
E-Mail link for SUSE-SU-2020:2998-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1177914
SUSE Bug 1177914
https://www.suse.com/security/cve/CVE-2020-15999/
SUSE CVE CVE-2020-15999 page

Описание

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Затронутые продукты

Container caasp/v4/nginx-ingress-controller:beta1:libfreetype6-2.6.3-7.18.1

HPE Helion OpenStack 8:ft2demos-2.6.3-7.18.1

HPE Helion OpenStack 8:libfreetype6-2.6.3-7.18.1

HPE Helion OpenStack 8:libfreetype6-32bit-2.6.3-7.18.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-15999.html
CVE-2020-15999
https://bugzilla.suse.com/1177914
SUSE Bug 1177914
https://bugzilla.suse.com/1177936
SUSE Bug 1177936
https://bugzilla.suse.com/1178824
SUSE Bug 1178824
https://bugzilla.suse.com/1178894
SUSE Bug 1178894

SUSE-SU-2020:2998-1

Описание

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1

HPE Helion OpenStack 8

Image SLES12-SP4-Azure-BYOS

Image SLES12-SP4-EC2-HVM-BYOS

Image SLES12-SP4-GCE-BYOS

Image SLES12-SP4-OCI-BYOS

Image SLES12-SP4-SAP-Azure

Image SLES12-SP4-SAP-Azure-BYOS

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

Image SLES12-SP4-SAP-EC2-HVM

Image SLES12-SP4-SAP-EC2-HVM-BYOS

Image SLES12-SP4-SAP-GCE

Image SLES12-SP4-SAP-GCE-BYOS

Image SLES12-SP4-SAP-OCI-BYOS

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-Basic-On-Demand

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

Image SLES12-SP5-EC2-ECS-On-Demand

Image SLES12-SP5-EC2-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-BYOS

Image SLES12-SP5-GCE-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-OCI-BYOS-BYOS

Image SLES12-SP5-OCI-BYOS-SAP-BYOS

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Enterprise Storage 5

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP2-LTSS

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 7

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2020-15999

Описание

Затронутые продукты

Ссылки