SUSE-SU-2023:3940-1

Опубликовано: 03 окт. 2023

Источник: suse-cvrf

Описание

Security update for libvpx

This update for libvpx fixes the following issues:

CVE-2023-5217: Fixed a heap buffer overflow (bsc#1215778).

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-Azure-SAP-On-Demand

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-EC2-SAP-BYOS

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-EC2-SAP-On-Demand

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-GCE-SAP-BYOS

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-GCE-SAP-On-Demand

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

libvpx1-1.3.0-3.12.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

libvpx1-1.3.0-3.12.1

SUSE Linux Enterprise Server 12 SP5

libvpx1-1.3.0-3.12.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libvpx1-1.3.0-3.12.1

SUSE Linux Enterprise Software Development Kit 12 SP5

libvpx-devel-1.3.0-3.12.1

SUSE Linux Enterprise Workstation Extension 12 SP5

libvpx1-32bit-1.3.0-3.12.1

vpx-tools-1.3.0-3.12.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233940-1/
Link for SUSE-SU-2023:3940-1
https://lists.suse.com/pipermail/sle-security-updates/2023-October/016485.html
E-Mail link for SUSE-SU-2023:3940-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1215778
SUSE Bug 1215778
https://www.suse.com/security/cve/CVE-2023-5217/
SUSE CVE CVE-2023-5217 page

Описание

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

Image SLES12-SP5-Azure-SAP-BYOS:libvpx1-1.3.0-3.12.1

Image SLES12-SP5-Azure-SAP-On-Demand:libvpx1-1.3.0-3.12.1

Image SLES12-SP5-EC2-SAP-BYOS:libvpx1-1.3.0-3.12.1

Image SLES12-SP5-EC2-SAP-On-Demand:libvpx1-1.3.0-3.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-5217.html
CVE-2023-5217
https://bugzilla.suse.com/1215776
SUSE Bug 1215776
https://bugzilla.suse.com/1215778
SUSE Bug 1215778
https://bugzilla.suse.com/1215814
SUSE Bug 1215814
https://bugzilla.suse.com/1217559
SUSE Bug 1217559

SUSE-SU-2023:3940-1

Описание

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE Linux Enterprise Workstation Extension 12 SP5

Ссылки

Уязвимость: CVE-2023-5217

Описание

Затронутые продукты

Ссылки