SUSE-SU-2024:1377-1

Опубликовано: 22 апр. 2024

Источник: suse-cvrf

Описание

Security update for apache-commons-configuration

This update for apache-commons-configuration fixes the following issues:

CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() (bsc#1221797).
CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree (bsc#1221793).

Список пакетов

Container containers/apache-pulsar:3.3

apache-commons-configuration-1.10-150200.3.11.1

SUSE Linux Enterprise Module for Development Tools 15 SP5

apache-commons-configuration-1.10-150200.3.11.1

openSUSE Leap 15.5

apache-commons-configuration-1.10-150200.3.11.1

apache-commons-configuration-javadoc-1.10-150200.3.11.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241377-1/
Link for SUSE-SU-2024:1377-1
https://lists.suse.com/pipermail/sle-updates/2024-April/035050.html
E-Mail link for SUSE-SU-2024:1377-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1221793
SUSE Bug 1221793
https://bugzilla.suse.com/1221797
SUSE Bug 1221797
https://www.suse.com/security/cve/CVE-2024-29131/
SUSE CVE CVE-2024-29131 page
https://www.suse.com/security/cve/CVE-2024-29133/
SUSE CVE CVE-2024-29133 page

Описание

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue.

Затронутые продукты

Container containers/apache-pulsar:3.3:apache-commons-configuration-1.10-150200.3.11.1

SUSE Linux Enterprise Module for Development Tools 15 SP5:apache-commons-configuration-1.10-150200.3.11.1

openSUSE Leap 15.5:apache-commons-configuration-1.10-150200.3.11.1

openSUSE Leap 15.5:apache-commons-configuration-javadoc-1.10-150200.3.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-29131.html
CVE-2024-29131
https://bugzilla.suse.com/1221797
SUSE Bug 1221797

Описание

Затронутые продукты

Container containers/apache-pulsar:3.3:apache-commons-configuration-1.10-150200.3.11.1

SUSE Linux Enterprise Module for Development Tools 15 SP5:apache-commons-configuration-1.10-150200.3.11.1

openSUSE Leap 15.5:apache-commons-configuration-1.10-150200.3.11.1

openSUSE Leap 15.5:apache-commons-configuration-javadoc-1.10-150200.3.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-29133.html
CVE-2024-29133
https://bugzilla.suse.com/1221793
SUSE Bug 1221793

SUSE-SU-2024:1377-1

Описание

Список пакетов

Container containers/apache-pulsar:3.3

SUSE Linux Enterprise Module for Development Tools 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2024-29131

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2024-29133

Описание

Затронутые продукты

Ссылки