SUSE-SU-2024:2621-1

Опубликовано: 30 июл. 2024

Источник: suse-cvrf

Описание

Security update for devscripts

This update for devscripts fixes the following issues:

CVE-2014-1833: Fixed symlink directory traversal in uupdate (bsc#861514)

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

checkbashisms-2.12.6-5.3.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242621-1/
Link for SUSE-SU-2024:2621-1
https://lists.suse.com/pipermail/sle-security-updates/2024-July/019052.html
E-Mail link for SUSE-SU-2024:2621-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/861514
SUSE Bug 861514
https://www.suse.com/security/cve/CVE-2014-1833/
SUSE CVE CVE-2014-1833 page

Описание

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP5:checkbashisms-2.12.6-5.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2014-1833.html
CVE-2014-1833
https://bugzilla.suse.com/861514
SUSE Bug 861514

SUSE-SU-2024:2621-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

Ссылки

Уязвимость: CVE-2014-1833

Описание

Затронутые продукты

Ссылки