Описание
Security update for atftp
This update for atftp fixes the following issues:
- CVE-2021-46671: Fixed a potential information leak in atftpd (bsc#1195619).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
atftp-0.7.0-160.14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
atftp-0.7.0-160.14.1
Ссылки
- Link for SUSE-SU-2022:0881-1
- E-Mail link for SUSE-SU-2022:0881-1
- SUSE Security Ratings
- SUSE Bug 1195619
- SUSE CVE CVE-2021-46671 page
Описание
options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:atftp-0.7.0-160.14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:atftp-0.7.0-160.14.1
Ссылки
- CVE-2021-46671
- SUSE Bug 1195619