Описание
Security update for libesmtp
This update for libesmtp fixes the following issues:
- CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).
Список пакетов
HPE Helion OpenStack 8
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP2-BCL
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP3-BCL
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP5
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libesmtp-devel-1.0.6-17.3.1
SUSE OpenStack Cloud 8
libesmtp-1.0.6-17.3.1
SUSE OpenStack Cloud 9
libesmtp-1.0.6-17.3.1
SUSE OpenStack Cloud Crowbar 8
libesmtp-1.0.6-17.3.1
SUSE OpenStack Cloud Crowbar 9
libesmtp-1.0.6-17.3.1
Ссылки
- Link for SUSE-SU-2021:2917-1
- E-Mail link for SUSE-SU-2021:2917-1
- SUSE Security Ratings
- SUSE Bug 1160462
- SUSE Bug 1189097
- SUSE CVE CVE-2019-19977 page
Описание
libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.
Затронутые продукты
HPE Helion OpenStack 8:libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP2-BCL:libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP3-BCL:libesmtp-1.0.6-17.3.1
SUSE Linux Enterprise Server 12 SP3-LTSS:libesmtp-1.0.6-17.3.1
Ссылки
- CVE-2019-19977
- SUSE Bug 1160462
- SUSE Bug 1189097
- SUSE Bug 1190329
- SUSE Bug 1191840
- SUSE Bug 1192365
- SUSE Bug 1193380
- SUSE Bug 1193381