exploitDog

SUSE-SU-2023:2195-1

Опубликовано: 15 мая 2023

Источник: suse-cvrf

Описание

Security update for libraw

This update for libraw fixes the following issues:

CVE-2023-1729: Fixed a heap buffer overflow when converting an image (bsc#1210720).

Список пакетов

SUSE Linux Enterprise Workstation Extension 15 SP4

libraw16-0.18.9-150000.3.20.1

openSUSE Leap 15.4

libraw16-0.18.9-150000.3.20.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232195-1/
Link for SUSE-SU-2023:2195-1
https://lists.suse.com/pipermail/sle-updates/2023-May/029407.html
E-Mail link for SUSE-SU-2023:2195-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1210720
SUSE Bug 1210720
https://www.suse.com/security/cve/CVE-2023-1729/
SUSE CVE CVE-2023-1729 page

Описание

A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.

Затронутые продукты

SUSE Linux Enterprise Workstation Extension 15 SP4:libraw16-0.18.9-150000.3.20.1

openSUSE Leap 15.4:libraw16-0.18.9-150000.3.20.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-1729.html
CVE-2023-1729
https://bugzilla.suse.com/1210720
SUSE Bug 1210720