Описание
Security update for libesmtp
This update for libesmtp fixes the following issues:
- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
libesmtp-1.0.4-157.18.3.1
SUSE Linux Enterprise Server 11 SP4-LTSS
libesmtp-1.0.4-157.18.3.1
Ссылки
- Link for SUSE-SU-2021:14793-1
- E-Mail link for SUSE-SU-2021:14793-1
- SUSE Security Ratings
- SUSE Bug 1160462
- SUSE Bug 1189097
- SUSE CVE CVE-2019-19977 page
Описание
libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libesmtp-1.0.4-157.18.3.1
SUSE Linux Enterprise Server 11 SP4-LTSS:libesmtp-1.0.4-157.18.3.1
Ссылки
- CVE-2019-19977
- SUSE Bug 1160462
- SUSE Bug 1189097
- SUSE Bug 1190329
- SUSE Bug 1191840
- SUSE Bug 1192365
- SUSE Bug 1193380
- SUSE Bug 1193381