Описание
Security update for xerces-c
This update for xerces-c fixes the following issues:
- CVE-2023-37536: Fixed an integer overflow that could have led to a out-of-bounds memory accesses (bsc#1216156).
Список пакетов
SUSE Enterprise Storage 7.1
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-devel-3.1.4-150200.10.8.2
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
SUSE Linux Enterprise Server 15 SP2-LTSS
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-devel-3.1.4-150200.10.8.2
SUSE Linux Enterprise Server 15 SP3-LTSS
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-devel-3.1.4-150200.10.8.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
openSUSE Leap 15.4
libxerces-c-3_1-3.1.4-150200.10.8.2
libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
Ссылки
- Link for SUSE-SU-2023:4715-1
- E-Mail link for SUSE-SU-2023:4715-1
- SUSE Security Ratings
- SUSE Bug 1216156
- SUSE CVE CVE-2023-37536 page
Описание
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
Затронутые продукты
SUSE Enterprise Storage 7.1:libxerces-c-3_1-3.1.4-150200.10.8.2
SUSE Enterprise Storage 7.1:libxerces-c-3_1-32bit-3.1.4-150200.10.8.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libxerces-c-3_1-3.1.4-150200.10.8.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libxerces-c-devel-3.1.4-150200.10.8.2
Ссылки
- CVE-2023-37536
- SUSE Bug 1216156
- SUSE Bug 1219472
- SUSE Bug 1219708
- SUSE Bug 1221037