SUSE-SU-2023:2134-1

Опубликовано: 09 мая 2023

Источник: suse-cvrf

Описание

Security update for python-ujson

This update for python-ujson fixes the following issues:

CVE-2021-45958: Fixed a stack-based buffer overflow in Buffer_AppendIndentUnchecked (bsc#1194261).

Список пакетов

SUSE Linux Enterprise Module for Development Tools 15 SP4

python3-ujson-1.35-150100.3.8.1

SUSE Linux Enterprise Module for Package Hub 15 SP4

python2-ujson-1.35-150100.3.8.1

SUSE Linux Enterprise Real Time 15 SP3

python3-ujson-1.35-150100.3.8.1

openSUSE Leap 15.4

python3-ujson-1.35-150100.3.8.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232134-1/
Link for SUSE-SU-2023:2134-1
https://lists.suse.com/pipermail/sle-security-updates/2023-May/014793.html
E-Mail link for SUSE-SU-2023:2134-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1194261
SUSE Bug 1194261
https://www.suse.com/security/cve/CVE-2021-45958/
SUSE CVE CVE-2021-45958 page

Описание

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.

Затронутые продукты

SUSE Linux Enterprise Module for Development Tools 15 SP4:python3-ujson-1.35-150100.3.8.1

SUSE Linux Enterprise Module for Package Hub 15 SP4:python2-ujson-1.35-150100.3.8.1

SUSE Linux Enterprise Real Time 15 SP3:python3-ujson-1.35-150100.3.8.1

openSUSE Leap 15.4:python3-ujson-1.35-150100.3.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45958.html
CVE-2021-45958
https://bugzilla.suse.com/1194261
SUSE Bug 1194261

SUSE-SU-2023:2134-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Development Tools 15 SP4

SUSE Linux Enterprise Module for Package Hub 15 SP4

SUSE Linux Enterprise Real Time 15 SP3

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2021-45958

Описание

Затронутые продукты

Ссылки