Описание
Security update for python-uamqp
This update for python-uamqp fixes the following issues:
- CVE-2024-21646: Fix integer overflow which may cause remote code execution (bsc#1219409).
Список пакетов
Image SLES15-SP2-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-HPC-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-SAP-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-SAP-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP3-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP3-HPC-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP3-SAP-BYOS-Azure
python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP3-SAPCAL-Azure
python3-uamqp-1.5.3-150100.4.10.1
SUSE Linux Enterprise Module for Public Cloud 15 SP2
python3-uamqp-1.5.3-150100.4.10.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
python3-uamqp-1.5.3-150100.4.10.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4
python3-uamqp-1.5.3-150100.4.10.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5
python3-uamqp-1.5.3-150100.4.10.1
openSUSE Leap 15.5
python3-uamqp-1.5.3-150100.4.10.1
Ссылки
- Link for SUSE-SU-2024:0323-1
- E-Mail link for SUSE-SU-2024:0323-1
- SUSE Security Ratings
- SUSE Bug 1219409
- SUSE CVE CVE-2024-21646 page
Описание
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01.
Затронутые продукты
Image SLES15-SP2-BYOS-Azure:python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-HPC-BYOS-Azure:python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-SAP-Azure:python3-uamqp-1.5.3-150100.4.10.1
Image SLES15-SP2-SAP-BYOS-Azure:python3-uamqp-1.5.3-150100.4.10.1
Ссылки
- CVE-2024-21646
- SUSE Bug 1219409