Описание
Security update for graphviz
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
Список пакетов
Image SLES12-SP4-SAP-Azure
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-Azure-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-EC2-HVM
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-EC2-HVM-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-GCE
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-GCE-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-OCI-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-Azure-SAP-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-Azure-SAP-On-Demand
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-EC2-SAP-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-EC2-SAP-On-Demand
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-GCE-SAP-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-GCE-SAP-On-Demand
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
SUSE Linux Enterprise High Availability Extension 12 SP3
graphviz-python-2.28.0-29.3.17
SUSE Linux Enterprise High Availability Extension 12 SP4
graphviz-python-2.28.0-29.3.17
SUSE Linux Enterprise High Availability Extension 12 SP5
graphviz-python-2.28.0-29.3.17
SUSE Linux Enterprise Server 12 SP5
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
graphviz-gnome-2.28.0-29.3.17
graphviz-tcl-2.28.0-29.3.17
SUSE Linux Enterprise Server for SAP Applications 12 SP5
graphviz-2.28.0-29.3.8
graphviz-gd-2.28.0-29.3.17
graphviz-gnome-2.28.0-29.3.17
graphviz-tcl-2.28.0-29.3.17
SUSE Linux Enterprise Software Development Kit 12 SP5
graphviz-devel-2.28.0-29.3.8
Ссылки
- Link for SUSE-SU-2020:3090-1
- E-Mail link for SUSE-SU-2020:3090-1
- SUSE Security Ratings
- SUSE Bug 1093447
- SUSE CVE CVE-2018-10196 page
Описание
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
Затронутые продукты
Image SLES12-SP4-SAP-Azure-BYOS:graphviz-2.28.0-29.3.8
Image SLES12-SP4-SAP-Azure-BYOS:graphviz-gd-2.28.0-29.3.17
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:graphviz-2.28.0-29.3.8
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:graphviz-gd-2.28.0-29.3.17
Ссылки
- CVE-2018-10196
- SUSE Bug 1093447