SUSE-SU-2024:1256-1

Опубликовано: 12 апр. 2024

Источник: suse-cvrf

Описание

Security update for perl-Net-CIDR-Lite

This update for perl-Net-CIDR-Lite fixes the following issues:

CVE-2021-47154: Fixed leading zeroes in IPv4 octets may allow attackers to bypass certain access controls (bsc#1221564).

Список пакетов

SUSE Linux Enterprise Module for Development Tools 15 SP5

perl-Net-CIDR-Lite-0.21-150100.6.3.1

openSUSE Leap 15.5

perl-Net-CIDR-Lite-0.21-150100.6.3.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241256-1/
Link for SUSE-SU-2024:1256-1
https://lists.suse.com/pipermail/sle-updates/2024-April/034948.html
E-Mail link for SUSE-SU-2024:1256-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1221564
SUSE Bug 1221564
https://www.suse.com/security/cve/CVE-2021-47154/
SUSE CVE CVE-2021-47154 page

Описание

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Затронутые продукты

SUSE Linux Enterprise Module for Development Tools 15 SP5:perl-Net-CIDR-Lite-0.21-150100.6.3.1

openSUSE Leap 15.5:perl-Net-CIDR-Lite-0.21-150100.6.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-47154.html
CVE-2021-47154
https://bugzilla.suse.com/1221564
SUSE Bug 1221564

SUSE-SU-2024:1256-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Development Tools 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2021-47154

Описание

Затронутые продукты

Ссылки