Описание
Security update for liblouis
This update for liblouis fixes the following issues:
- CVE-2022-26981: fix buffer overrun in compilePassOpcode (bsc#1197085).
- CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
liblouis-data-3.20.0-150400.3.3.1
liblouis-devel-3.20.0-150400.3.3.1
liblouis20-3.20.0-150400.3.3.1
python3-louis-3.20.0-150400.3.3.1
openSUSE Leap 15.4
liblouis-data-3.20.0-150400.3.3.1
liblouis-devel-3.20.0-150400.3.3.1
liblouis-doc-3.20.0-150400.3.3.1
liblouis-tools-3.20.0-150400.3.3.1
liblouis20-3.20.0-150400.3.3.1
python3-louis-3.20.0-150400.3.3.1
Ссылки
- Link for SUSE-SU-2022:2298-1
- E-Mail link for SUSE-SU-2022:2298-1
- SUSE Security Ratings
- SUSE Bug 1197085
- SUSE Bug 1200120
- SUSE CVE CVE-2022-26981 page
- SUSE CVE CVE-2022-31783 page
Описание
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis-data-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis-devel-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis20-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:python3-louis-3.20.0-150400.3.3.1
Ссылки
- CVE-2022-26981
- SUSE Bug 1197085
Описание
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis-data-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis-devel-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:liblouis20-3.20.0-150400.3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:python3-louis-3.20.0-150400.3.3.1
Ссылки
- CVE-2022-31783
- SUSE Bug 1200120