SUSE-SU-2020:3385-1

Опубликовано: 19 нояб. 2020

Источник: suse-cvrf

Описание

Security update for perl-DBI

This update for perl-DBI fixes the following issues:

DBD::File drivers could open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). [bsc#1176492, CVE-2014-10401, CVE-2014-10402]

Список пакетов

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy

perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server

perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy

perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server

perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy

perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server

perl-DBI-1.639-3.14.1

SUSE Linux Enterprise Module for Basesystem 15 SP1

perl-DBI-1.639-3.14.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20203385-1/
Link for SUSE-SU-2020:3385-1
https://lists.suse.com/pipermail/sle-security-updates/2020-November/007805.html
E-Mail link for SUSE-SU-2020:3385-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1176492
SUSE Bug 1176492
https://www.suse.com/security/cve/CVE-2014-10401/
SUSE CVE CVE-2014-10401 page
https://www.suse.com/security/cve/CVE-2014-10402/
SUSE CVE CVE-2014-10402 page

Описание

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.

Затронутые продукты

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:perl-DBI-1.639-3.14.1

Ссылки

https://www.suse.com/security/cve/CVE-2014-10401.html
CVE-2014-10401
https://bugzilla.suse.com/1176492
SUSE Bug 1176492

Описание

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

Затронутые продукты

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy:perl-DBI-1.639-3.14.1

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:perl-DBI-1.639-3.14.1

Ссылки

https://www.suse.com/security/cve/CVE-2014-10402.html
CVE-2014-10402
https://bugzilla.suse.com/1176492
SUSE Bug 1176492

SUSE-SU-2020:3385-1

Описание

Список пакетов

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy

Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy

Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server

Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy

Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server

SUSE Linux Enterprise Module for Basesystem 15 SP1

Ссылки

Уязвимость: CVE-2014-10401

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2014-10402

Описание

Затронутые продукты

Ссылки