Описание
Security update for libXpm
This update for libXpm fixes the following issues:
- CVE-2023-43788: Fixed an out of bounds read when creating an image (bsc#1215686).
- CVE-2023-43789: Fixed an out of bounds read when parsing an XPM file with a corrupted colormap (bsc#1215687).
Список пакетов
Image SLES12-SP5-Azure-SAP-BYOS
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-Azure-SAP-On-Demand
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-BYOS
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-On-Demand
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-GCE-SAP-BYOS
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-GCE-SAP-On-Demand
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libXpm4-3.5.11-6.10.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libXpm4-3.5.11-6.10.1
SUSE Linux Enterprise Server 12 SP5
libXpm4-3.5.11-6.10.1
libXpm4-32bit-3.5.11-6.10.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libXpm4-3.5.11-6.10.1
libXpm4-32bit-3.5.11-6.10.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libXpm-devel-3.5.11-6.10.1
libXpm-tools-3.5.11-6.10.1
Ссылки
- Link for SUSE-SU-2023:3962-1
- E-Mail link for SUSE-SU-2023:3962-1
- SUSE Security Ratings
- SUSE Bug 1215686
- SUSE Bug 1215687
- SUSE CVE CVE-2023-43788 page
- SUSE CVE CVE-2023-43789 page
Описание
A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.
Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-Azure-SAP-On-Demand:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-BYOS:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-On-Demand:libXpm4-3.5.11-6.10.1
Ссылки
- CVE-2023-43788
- SUSE Bug 1215682
- SUSE Bug 1215686
Описание
A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.
Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-Azure-SAP-On-Demand:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-BYOS:libXpm4-3.5.11-6.10.1
Image SLES12-SP5-EC2-SAP-On-Demand:libXpm4-3.5.11-6.10.1
Ссылки
- CVE-2023-43789
- SUSE Bug 1215682
- SUSE Bug 1215687