SUSE-SU-2021:1646-1

Published: 19 May 2021
Source: suse-cvrf

Description

Security update for graphviz

This update for graphviz fixes the following issues:

  • CVE-2020-18032: Fixed possible remote code execution via buffer overflow (bsc#1185833).

Package list

HPE Helion OpenStack 8
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
Image SLES12-SP4-SAP-Azure
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-Azure-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-EC2-HVM
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-GCE
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP4-SAP-GCE-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-Azure-SAP-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-Azure-SAP-On-Demand
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-EC2-SAP-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-EC2-SAP-On-Demand
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-GCE-SAP-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-GCE-SAP-On-Demand
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
SUSE Linux Enterprise High Availability Extension 12 SP3
graphviz-python-2.28.0-29.6.1
SUSE Linux Enterprise High Availability Extension 12 SP4
graphviz-python-2.28.0-29.6.1
SUSE Linux Enterprise High Availability Extension 12 SP5
graphviz-python-2.28.0-29.6.1
SUSE Linux Enterprise Server 12 SP2-BCL
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server 12 SP3-BCL
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server 12 SP3-LTSS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server 12 SP4-LTSS
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server 12 SP5
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE Linux Enterprise Software Development Kit 12 SP5
graphviz-devel-2.28.0-29.6.1
SUSE OpenStack Cloud 8
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE OpenStack Cloud 9
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE OpenStack Cloud Crowbar 8
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1
SUSE OpenStack Cloud Crowbar 9
graphviz-2.28.0-29.6.1
graphviz-gd-2.28.0-29.6.1
graphviz-gnome-2.28.0-29.6.1
graphviz-tcl-2.28.0-29.6.1

Description

Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component.


Affected products
HPE Helion OpenStack 8:graphviz-2.28.0-29.6.1
HPE Helion OpenStack 8:graphviz-gd-2.28.0-29.6.1
HPE Helion OpenStack 8:graphviz-gnome-2.28.0-29.6.1
HPE Helion OpenStack 8:graphviz-tcl-2.28.0-29.6.1

References
Vulnerability SUSE-SU-2021:1646-1