Описание
Security update for libraw
This update for libraw fixes the following issues:
- CVE-2021-32142: Fixed buffer overflow in the LibRaw_buffer_datastream:gets function (bsc#1208470).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
libraw20-0.20.2-150400.3.3.1
SUSE Linux Enterprise Workstation Extension 15 SP4
libraw-devel-0.20.2-150400.3.3.1
openSUSE Leap 15.4
libraw-devel-0.20.2-150400.3.3.1
libraw-devel-static-0.20.2-150400.3.3.1
libraw-tools-0.20.2-150400.3.3.1
libraw20-0.20.2-150400.3.3.1
libraw20-32bit-0.20.2-150400.3.3.1
Ссылки
- Link for SUSE-SU-2023:0512-1
- E-Mail link for SUSE-SU-2023:0512-1
- SUSE Security Ratings
- SUSE Bug 1208470
- SUSE CVE CVE-2021-32142 page
Описание
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libraw20-0.20.2-150400.3.3.1
SUSE Linux Enterprise Workstation Extension 15 SP4:libraw-devel-0.20.2-150400.3.3.1
openSUSE Leap 15.4:libraw-devel-0.20.2-150400.3.3.1
openSUSE Leap 15.4:libraw-devel-static-0.20.2-150400.3.3.1
Ссылки
- CVE-2021-32142
- SUSE Bug 1208470