Описание
Security update for djvulibre
This update for djvulibre fixes the following issues:
- CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)
Список пакетов
HPE Helion OpenStack 8
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP2-BCL
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP3-BCL
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP5
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libdjvulibre-devel-3.5.25.3-5.12.1
SUSE OpenStack Cloud 8
libdjvulibre21-3.5.25.3-5.12.1
SUSE OpenStack Cloud 9
libdjvulibre21-3.5.25.3-5.12.1
SUSE OpenStack Cloud Crowbar 8
libdjvulibre21-3.5.25.3-5.12.1
SUSE OpenStack Cloud Crowbar 9
libdjvulibre21-3.5.25.3-5.12.1
Ссылки
- Link for SUSE-SU-2021:1813-1
- E-Mail link for SUSE-SU-2021:1813-1
- SUSE Security Ratings
- SUSE Bug 1186253
- SUSE CVE CVE-2021-3500 page
Описание
A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may lead to application crash and other consequences.
Затронутые продукты
HPE Helion OpenStack 8:libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP2-BCL:libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP3-BCL:libdjvulibre21-3.5.25.3-5.12.1
SUSE Linux Enterprise Server 12 SP3-LTSS:libdjvulibre21-3.5.25.3-5.12.1
Ссылки
- CVE-2021-3500
- SUSE Bug 1186253