SUSE-SU-2024:3675-1

Опубликовано: 16 окт. 2024

Источник: suse-cvrf

Описание

Security update for libarchive

This update for libarchive fixes the following issues:

CVE-2024-48957: Fixed out-of-bounds access in execute_filter_audio in archive_read_support_format_rar.c (bsc#1231544).

Список пакетов

Container bci/spack:0.23

libarchive13-3.7.2-150600.3.6.1

Container bci/spack:latest

libarchive13-3.7.2-150600.3.6.1

Container containers/pytorch:2-nvidia

libarchive13-3.7.2-150600.3.6.1

Container containers/pytorch:2.5.0

libarchive13-3.7.2-150600.3.6.1

Container suse/manager/5.0/x86_64/server:latest

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAP

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAP-Azure

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAP-EC2

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAP-GCE

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAPCAL

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAPCAL-Azure

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAPCAL-EC2

libarchive13-3.7.2-150600.3.6.1

Image SLES15-SP6-SAPCAL-GCE

libarchive13-3.7.2-150600.3.6.1

Image ai_15_6

libarchive13-3.7.2-150600.3.6.1

Image server-image

libarchive13-3.7.2-150600.3.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

libarchive-devel-3.7.2-150600.3.6.1

libarchive13-3.7.2-150600.3.6.1

SUSE Linux Enterprise Module for Development Tools 15 SP6

bsdtar-3.7.2-150600.3.6.1

openSUSE Leap 15.6

bsdtar-3.7.2-150600.3.6.1

libarchive-devel-3.7.2-150600.3.6.1

libarchive13-3.7.2-150600.3.6.1

libarchive13-32bit-3.7.2-150600.3.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243675-1/
Link for SUSE-SU-2024:3675-1
https://lists.suse.com/pipermail/sle-updates/2024-October/037297.html
E-Mail link for SUSE-SU-2024:3675-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1231544
SUSE Bug 1231544
https://www.suse.com/security/cve/CVE-2024-48957/
SUSE CVE CVE-2024-48957 page

Описание

execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.

Затронутые продукты

Container bci/spack:0.23:libarchive13-3.7.2-150600.3.6.1

Container bci/spack:latest:libarchive13-3.7.2-150600.3.6.1

Container containers/pytorch:2-nvidia:libarchive13-3.7.2-150600.3.6.1

Container containers/pytorch:2.5.0:libarchive13-3.7.2-150600.3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-48957.html
CVE-2024-48957
https://bugzilla.suse.com/1231543
SUSE Bug 1231543

SUSE-SU-2024:3675-1

Описание

Список пакетов

Container bci/spack:0.23

Container bci/spack:latest

Container containers/pytorch:2-nvidia

Container containers/pytorch:2.5.0

Container suse/manager/5.0/x86_64/server:latest

Image SLES15-SP6-SAP

Image SLES15-SP6-SAP-Azure

Image SLES15-SP6-SAP-EC2

Image SLES15-SP6-SAP-GCE

Image SLES15-SP6-SAPCAL

Image SLES15-SP6-SAPCAL-Azure

Image SLES15-SP6-SAPCAL-EC2

Image SLES15-SP6-SAPCAL-GCE

Image ai_15_6

Image server-image

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Development Tools 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-48957

Описание

Затронутые продукты

Ссылки