SUSE-SU-2024:2926-1

Опубликовано: 15 авг. 2024

Источник: suse-cvrf

Описание

Security update for zziplib

This update for zziplib fixes the following issues:

CVE-2024-39134: Fixed a stack buffer overflow via the __zzip_fetch_disk_trailer() (bsc#1227178)

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

libzzip-0-13-0.13.67-10.39.1

zziplib-devel-0.13.67-10.39.1

SUSE Linux Enterprise Workstation Extension 12 SP5

libzzip-0-13-0.13.67-10.39.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242926-1/
Link for SUSE-SU-2024:2926-1
https://lists.suse.com/pipermail/sle-security-updates/2024-August/019204.html
E-Mail link for SUSE-SU-2024:2926-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227178
SUSE Bug 1227178
https://www.suse.com/security/cve/CVE-2024-39134/
SUSE CVE CVE-2024-39134 page

Описание

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP5:libzzip-0-13-0.13.67-10.39.1

SUSE Linux Enterprise Software Development Kit 12 SP5:zziplib-devel-0.13.67-10.39.1

SUSE Linux Enterprise Workstation Extension 12 SP5:libzzip-0-13-0.13.67-10.39.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-39134.html
CVE-2024-39134
https://bugzilla.suse.com/1227178
SUSE Bug 1227178

SUSE-SU-2024:2926-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE Linux Enterprise Workstation Extension 12 SP5

Ссылки

Уязвимость: CVE-2024-39134

Описание

Затронутые продукты

Ссылки