SUSE-SU-2021:2796-1

Опубликовано: 20 авг. 2021

Источник: suse-cvrf

Описание

Security update for djvulibre

This update for djvulibre fixes the following issues:

CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp (bsc#1187869)

Список пакетов

SUSE Enterprise Storage 6

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise Server 15 SP1-BCL

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise Server 15-LTSS

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise Server for SAP Applications 15

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Manager Proxy 4.0

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Manager Retail Branch Server 4.0

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

SUSE Manager Server 4.0

libdjvulibre-devel-3.5.27-3.19.1

libdjvulibre21-3.5.27-3.19.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20212796-1/
Link for SUSE-SU-2021:2796-1
https://lists.suse.com/pipermail/sle-security-updates/2021-August/009319.html
E-Mail link for SUSE-SU-2021:2796-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187869
SUSE Bug 1187869
https://www.suse.com/security/cve/CVE-2021-3630/
SUSE CVE CVE-2021-3630 page

Описание

An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.

Затронутые продукты

SUSE Enterprise Storage 6:libdjvulibre-devel-3.5.27-3.19.1

SUSE Enterprise Storage 6:libdjvulibre21-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre-devel-3.5.27-3.19.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libdjvulibre21-3.5.27-3.19.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3630.html
CVE-2021-3630
https://bugzilla.suse.com/1187869
SUSE Bug 1187869

SUSE-SU-2021:2796-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Manager Proxy 4.0

SUSE Manager Retail Branch Server 4.0

SUSE Manager Server 4.0

Ссылки

Уязвимость: CVE-2021-3630

Описание

Затронутые продукты

Ссылки