SUSE-SU-2022:3455-1

Опубликовано: 28 сент. 2022

Источник: suse-cvrf

Описание

Security update for libostree

This update for libostree fixes the following issues:

CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).

Список пакетов

SUSE Enterprise Storage 6

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

SUSE Linux Enterprise Server 15 SP1-BCL

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libostree-2018.9-150100.7.4.1

libostree-1-1-2018.9-150100.7.4.1

libostree-devel-2018.9-150100.7.4.1

typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223455-1/
Link for SUSE-SU-2022:3455-1
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012442.html
E-Mail link for SUSE-SU-2022:3455-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1201770
SUSE Bug 1201770
https://www.suse.com/security/cve/CVE-2014-9862/
SUSE CVE CVE-2014-9862 page

Описание

Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.

Затронутые продукты

SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1

SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1

SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1

SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1

Ссылки

https://www.suse.com/security/cve/CVE-2014-9862.html
CVE-2014-9862
https://bugzilla.suse.com/1173974
SUSE Bug 1173974
https://bugzilla.suse.com/1201770
SUSE Bug 1201770
https://bugzilla.suse.com/990660
SUSE Bug 990660

SUSE-SU-2022:3455-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2014-9862

Описание

Затронутые продукты

Ссылки