Описание
Security update for libqb
This update for libqb fixes the following issues:
- CVE-2023-39976: Fixed potential buffer overflow with long log messages (bsc#1214066).
Список пакетов
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-BYOS-Azure
libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-BYOS-GCE
libqb100-2.0.2+20201203.def947e-150300.3.6.1
SUSE Linux Enterprise High Availability Extension 15 SP3
doxygen2man-2.0.2+20201203.def947e-150300.3.6.1
libqb-devel-2.0.2+20201203.def947e-150300.3.6.1
libqb-tests-2.0.2+20201203.def947e-150300.3.6.1
libqb-tools-2.0.2+20201203.def947e-150300.3.6.1
libqb100-2.0.2+20201203.def947e-150300.3.6.1
Ссылки
- Link for SUSE-SU-2023:3727-1
- E-Mail link for SUSE-SU-2023:3727-1
- SUSE Security Ratings
- SUSE Bug 1214066
- SUSE CVE CVE-2023-39976 page
Описание
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.
Затронутые продукты
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-BYOS-Azure:libqb100-2.0.2+20201203.def947e-150300.3.6.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM:libqb100-2.0.2+20201203.def947e-150300.3.6.1
Ссылки
- CVE-2023-39976
- SUSE Bug 1214066