Описание
Security update for libcares2
This update for libcares2 fixes the following issues:
- CVE-2022-4904: Fixed stack overflow in ares_set_sortlist() (bsc#1208067).
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libcares2-1.9.1-9.15.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libcares2-1.9.1-9.15.1
SUSE Linux Enterprise Server 12 SP5
libcares2-1.9.1-9.15.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libcares2-1.9.1-9.15.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libcares-devel-1.9.1-9.15.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libcares2-32bit-1.9.1-9.15.1
Ссылки
- Link for SUSE-SU-2023:3420-1
- E-Mail link for SUSE-SU-2023:3420-1
- SUSE Security Ratings
- SUSE Bug 1208067
- SUSE CVE CVE-2022-4904 page
Описание
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libcares2-1.9.1-9.15.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libcares2-1.9.1-9.15.1
SUSE Linux Enterprise Server 12 SP5:libcares2-1.9.1-9.15.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:libcares2-1.9.1-9.15.1
Ссылки
- CVE-2022-4904
- SUSE Bug 1208067