Описание
Security update for python-numpy
This update for python-numpy fixes the following issues:
- CVE-2017-12852: Fixed missing input validation leading to infinite loops (bsc#1053963).
Bugfixes:
- Use update-alternatives for /usr/bin/f2py (bsc#1199500).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
python-numpy-1.8.0-5.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
python-numpy-1.8.0-5.19.1
SUSE Linux Enterprise Software Development Kit 12 SP5
python-numpy-devel-1.8.0-5.19.1
Ссылки
- Link for SUSE-SU-2022:3954-1
- E-Mail link for SUSE-SU-2022:3954-1
- SUSE Security Ratings
- SUSE Bug 1053963
- SUSE Bug 1199500
- SUSE CVE CVE-2017-12852 page
Описание
The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:python-numpy-1.8.0-5.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-numpy-1.8.0-5.19.1
SUSE Linux Enterprise Software Development Kit 12 SP5:python-numpy-devel-1.8.0-5.19.1
Ссылки
- CVE-2017-12852
- SUSE Bug 1053963