Описание
Security update for opencc
This update for opencc fixes the following issues:
- CVE-2018-16982: Check offset bounds in BinaryDict::NewFromFile method. (bsc#1108310)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
libopencc2-1.0.5-150000.5.3.1
opencc-1.0.5-150000.5.3.1
opencc-data-1.0.5-150000.5.3.1
opencc-devel-1.0.5-150000.5.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
libopencc2-1.0.5-150000.5.3.1
openSUSE Leap 15.5
libopencc2-1.0.5-150000.5.3.1
opencc-1.0.5-150000.5.3.1
opencc-data-1.0.5-150000.5.3.1
opencc-devel-1.0.5-150000.5.3.1
Ссылки
- Link for SUSE-SU-2024:2102-1
- E-Mail link for SUSE-SU-2024:2102-1
- SUSE Security Ratings
- SUSE Bug 1108310
- SUSE CVE CVE-2018-16982 page
Описание
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libopencc2-1.0.5-150000.5.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:opencc-1.0.5-150000.5.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:opencc-data-1.0.5-150000.5.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:opencc-devel-1.0.5-150000.5.3.1
Ссылки
- CVE-2018-16982
- SUSE Bug 1108310