SUSE-SU-2023:1772-1

Опубликовано: 05 апр. 2023

Источник: suse-cvrf

Описание

Security update for liblouis

This update for liblouis fixes the following issues:

CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function (bsc#1209429).
CVE-2023-26769: Fixed buffer Overflow vulnerability in resolveSubtable function (bsc#1209432).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

liblouis-data-3.3.0-150000.4.13.1

liblouis-devel-3.3.0-150000.4.13.1

liblouis14-3.3.0-150000.4.13.1

python3-louis-3.3.0-150000.4.13.1

SUSE Linux Enterprise Server 15 SP1-LTSS

liblouis-data-3.3.0-150000.4.13.1

liblouis-devel-3.3.0-150000.4.13.1

liblouis14-3.3.0-150000.4.13.1

python3-louis-3.3.0-150000.4.13.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

liblouis-data-3.3.0-150000.4.13.1

liblouis-devel-3.3.0-150000.4.13.1

liblouis14-3.3.0-150000.4.13.1

python3-louis-3.3.0-150000.4.13.1

openSUSE Leap 15.4

liblouis14-3.3.0-150000.4.13.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231772-1/
Link for SUSE-SU-2023:1772-1
https://lists.suse.com/pipermail/sle-updates/2023-April/028649.html
E-Mail link for SUSE-SU-2023:1772-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1209429
SUSE Bug 1209429
https://bugzilla.suse.com/1209432
SUSE Bug 1209432
https://www.suse.com/security/cve/CVE-2023-26767/
SUSE CVE CVE-2023-26767 page
https://www.suse.com/security/cve/CVE-2023-26769/
SUSE CVE CVE-2023-26769 page

Описание

Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis-data-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis-devel-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis14-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-louis-3.3.0-150000.4.13.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-26767.html
CVE-2023-26767
https://bugzilla.suse.com/1209429
SUSE Bug 1209429

Описание

Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis-data-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis-devel-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:liblouis14-3.3.0-150000.4.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-louis-3.3.0-150000.4.13.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-26769.html
CVE-2023-26769
https://bugzilla.suse.com/1209432
SUSE Bug 1209432

SUSE-SU-2023:1772-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-26767

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-26769

Описание

Затронутые продукты

Ссылки