Описание
Security update for file
This update for file fixes the following issues:
- CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c (bsc#1154661).
Список пакетов
Container suse/ltss/sle12.5/sles12sp5:latest
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Container suse/sles12sp3:latest
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Container suse/sles12sp4:latest
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Container suse/sles12sp5:latest
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
HPE Helion OpenStack 8
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
Image SLES12-SP4-Azure-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-EC2-HVM-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-GCE-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-Azure
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-Azure-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-EC2-HVM
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-GCE
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP4-SAP-GCE-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-Basic-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-HPC-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-HPC-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-SAP-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-SAP-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-Azure-Standard-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-EC2-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-EC2-ECS-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-EC2-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-EC2-SAP-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-EC2-SAP-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-GCE-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-GCE-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-GCE-SAP-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-GCE-SAP-On-Demand
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-OCI-BYOS-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
SUSE Linux Enterprise Server 12 SP2-BCL
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server 12 SP3-BCL
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server 12 SP3-LTSS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server 12 SP4-LTSS
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server 12 SP5
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE Linux Enterprise Software Development Kit 12 SP5
file-devel-5.22-10.21.1
python-magic-5.22-10.21.1
SUSE OpenStack Cloud 8
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE OpenStack Cloud 9
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE OpenStack Cloud Crowbar 8
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
SUSE OpenStack Cloud Crowbar 9
file-5.22-10.21.1
file-magic-5.22-10.21.1
libmagic1-5.22-10.21.1
libmagic1-32bit-5.22-10.21.1
Ссылки
- Link for SUSE-SU-2021:2930-1
- E-Mail link for SUSE-SU-2021:2930-1
- SUSE Security Ratings
- SUSE Bug 1154661
- SUSE CVE CVE-2019-18218 page
Описание
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:file-magic-5.22-10.21.1
Container suse/ltss/sle12.5/sles12sp5:latest:libmagic1-5.22-10.21.1
Container suse/sles12sp3:latest:file-5.22-10.21.1
Container suse/sles12sp3:latest:file-magic-5.22-10.21.1
Ссылки
- CVE-2019-18218
- SUSE Bug 1154661
- SUSE Bug 1190368
- SUSE Bug 1191838