Описание
Security update for libvpx
This update for libvpx fixes the following issues:
- CVE-2023-5217: Fixed a heap buffer overflow (bsc#1215778).
Список пакетов
SUSE Enterprise Storage 7.1
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
libvpx4-32bit-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
libvpx4-32bit-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
libvpx4-32bit-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Manager Proxy 4.2
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
SUSE Manager Server 4.2
libvpx-devel-1.6.1-150000.6.11.1
libvpx4-1.6.1-150000.6.11.1
openSUSE Leap 15.4
libvpx4-1.6.1-150000.6.11.1
libvpx4-32bit-1.6.1-150000.6.11.1
Ссылки
- Link for SUSE-SU-2023:3948-1
- E-Mail link for SUSE-SU-2023:3948-1
- SUSE Security Ratings
- SUSE Bug 1215778
- SUSE CVE CVE-2023-5217 page
Описание
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Затронутые продукты
SUSE Enterprise Storage 7.1:libvpx-devel-1.6.1-150000.6.11.1
SUSE Enterprise Storage 7.1:libvpx4-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libvpx-devel-1.6.1-150000.6.11.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libvpx4-1.6.1-150000.6.11.1
Ссылки
- CVE-2023-5217
- SUSE Bug 1215776
- SUSE Bug 1215778
- SUSE Bug 1215814
- SUSE Bug 1217559