Description
Security update for djvulibre
This update for djvulibre fixes the following issues:
Security issues fixed:
- CVE-2021-32490 [bsc#1185895], Out of bounds write in function DJVU::filter_bv() via crafted djvu file
- CVE-2021-32491 [bsc#1185900], Integer overflow in function render() in tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904], Out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905], Heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file
Package list
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Server 15 SP1-BCL
SUSE Linux Enterprise Server 15 SP1-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
References
- Link for SUSE-SU-2021:1649-1
- E-Mail link for SUSE-SU-2021:1649-1
- SUSE Security Ratings
- SUSE Bug 1185895
- SUSE Bug 1185900
- SUSE Bug 1185904
- SUSE Bug 1185905
- SUSE CVE CVE-2021-32490 page
- SUSE CVE CVE-2021-32491 page
- SUSE CVE CVE-2021-32492 page
- SUSE CVE CVE-2021-32493 page
Description
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences.
Affected products
References
- CVE-2021-32490
- SUSE Bug 1185895
Description
A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.
Affected products
References
- CVE-2021-32491
- SUSE Bug 1185900
Description
A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences.
Affected products
References
- CVE-2021-32492
- SUSE Bug 1185904
Description
A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences.
Affected products
References
- CVE-2021-32493
- SUSE Bug 1185905