Описание
Security update for libdb-4_8
This update for libdb-4_8 fixes the following issues:
- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).
Список пакетов
Image SLES12-SP5-Azure-BYOS
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-Basic-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-HPC-BYOS
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-HPC-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-SAP-BYOS
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-SAP-On-Demand
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-Standard-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-EC2-BYOS
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-EC2-ECS-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-EC2-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-EC2-SAP-BYOS
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-EC2-SAP-On-Demand
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-GCE-BYOS
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-GCE-On-Demand
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-GCE-SAP-BYOS
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-GCE-SAP-On-Demand
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
SUSE Linux Enterprise Server 12 SP5
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
libdb-4_8-32bit-4.8.30-33.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
db48-utils-4.8.30-33.1
libdb-4_8-4.8.30-33.1
libdb-4_8-32bit-4.8.30-33.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libdb-4_8-devel-4.8.30-33.1
Ссылки
- Link for SUSE-SU-2022:4289-1
- E-Mail link for SUSE-SU-2022:4289-1
- SUSE Security Ratings
- SUSE Bug 1174414
- SUSE CVE CVE-2019-2708 page
Описание
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Data Store. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-Basic-On-Demand:libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-HPC-BYOS:libdb-4_8-4.8.30-33.1
Image SLES12-SP5-Azure-HPC-On-Demand:libdb-4_8-4.8.30-33.1
Ссылки
- CVE-2019-2708
- SUSE Bug 1174414