Описание
Security update for libass
This update for libass fixes the following issues:
- CVE-2020-24994: Fixed a stack overflow in the parse_tag (bsc#1184153).
Список пакетов
Container containers/open-webui:0
libass9-0.14.0-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
libass-devel-0.14.0-3.6.1
libass9-0.14.0-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
libass-devel-0.14.0-3.6.1
libass9-0.14.0-3.6.1
Ссылки
- Link for SUSE-SU-2021:1664-1
- E-Mail link for SUSE-SU-2021:1664-1
- SUSE Security Ratings
- SUSE Bug 1184153
- SUSE CVE CVE-2020-24994 page
Описание
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
Затронутые продукты
Container containers/open-webui:0:libass9-0.14.0-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libass-devel-0.14.0-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libass9-0.14.0-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libass-devel-0.14.0-3.6.1
Ссылки
- CVE-2020-24994
- SUSE Bug 1184153