SUSE-SU-2023:3728-1

Опубликовано: 22 сент. 2023

Источник: suse-cvrf

Описание

Security update for libqb

This update for libqb fixes the following issues:

CVE-2023-39976: Fixed potential buffer overflow with long log messages (bsc#1214066).

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-Azure

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-BYOS-Azure

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-BYOS-EC2-HVM

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-BYOS-GCE

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-EC2-HVM

libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-GCE

libqb20-1.0.3+20190326.a521604-150100.3.9.1

SUSE Linux Enterprise High Availability Extension 15 SP1

libqb-devel-1.0.3+20190326.a521604-150100.3.9.1

libqb-tests-1.0.3+20190326.a521604-150100.3.9.1

libqb-tools-1.0.3+20190326.a521604-150100.3.9.1

libqb20-1.0.3+20190326.a521604-150100.3.9.1

SUSE Linux Enterprise High Availability Extension 15 SP2

libqb-devel-1.0.3+20190326.a521604-150100.3.9.1

libqb-tests-1.0.3+20190326.a521604-150100.3.9.1

libqb-tools-1.0.3+20190326.a521604-150100.3.9.1

libqb20-1.0.3+20190326.a521604-150100.3.9.1

openSUSE Leap 15.4

libqb20-1.0.3+20190326.a521604-150100.3.9.1

libqb20-32bit-1.0.3+20190326.a521604-150100.3.9.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233728-1/
Link for SUSE-SU-2023:3728-1
https://lists.suse.com/pipermail/sle-security-updates/2023-September/016295.html
E-Mail link for SUSE-SU-2023:3728-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1214066
SUSE Bug 1214066
https://www.suse.com/security/cve/CVE-2023-39976/
SUSE CVE CVE-2023-39976 page

Описание

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libqb20-1.0.3+20190326.a521604-150100.3.9.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:libqb20-1.0.3+20190326.a521604-150100.3.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-39976.html
CVE-2023-39976
https://bugzilla.suse.com/1214066
SUSE Bug 1214066

SUSE-SU-2023:3728-1

Описание

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-Azure

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-BYOS-Azure

Image SLES15-SP2-SAP-BYOS-EC2-HVM

Image SLES15-SP2-SAP-BYOS-GCE

Image SLES15-SP2-SAP-EC2-HVM

Image SLES15-SP2-SAP-GCE

SUSE Linux Enterprise High Availability Extension 15 SP1

SUSE Linux Enterprise High Availability Extension 15 SP2

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-39976

Описание

Затронутые продукты

Ссылки