Описание
Security update for nbdkit
This update for nbdkit fixes the following issues:
Update to version 1.36.5.
Security fixes:
- CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 2**32 will trigger an assertion failure and cause a denial-of-service. (bsc#1243108).
- CVE-2025-47711: off-by-one error when processing block status results from plugins on behalf of an NBD client may trigger an assertion failure and cause a denial of service (bsc#1243110).
Other fixes and changes:
- tests: Add test-blkio.sh to unconditional EXTRA_DIST rule.
- Revert 'valgrind: Add suppression for liblzma bug'.
- vddk: Move 'Unknown error' information to the manual.
- ocaml Add better comments to the example plugin.
- ocaml: Simplify pread operation.
- ocaml: Define a struct handle to hold the OCaml handle.
- ocaml: Add OCaml version to --dump-plugin output.
- ocaml: Print callback name when an exception is printed.
- ocaml: Combine all exception printing into a single macro.
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP6
nbdkit-1.36.5-150400.3.9.1
nbdkit-basic-filters-1.36.5-150400.3.9.1
nbdkit-basic-plugins-1.36.5-150400.3.9.1
nbdkit-curl-plugin-1.36.5-150400.3.9.1
nbdkit-nbd-plugin-1.36.5-150400.3.9.1
nbdkit-python-plugin-1.36.5-150400.3.9.1
nbdkit-server-1.36.5-150400.3.9.1
nbdkit-ssh-plugin-1.36.5-150400.3.9.1
nbdkit-vddk-plugin-1.36.5-150400.3.9.1
openSUSE Leap 15.6
nbdkit-1.36.5-150400.3.9.1
nbdkit-bash-completion-1.36.5-150400.3.9.1
nbdkit-basic-filters-1.36.5-150400.3.9.1
nbdkit-basic-plugins-1.36.5-150400.3.9.1
nbdkit-curl-plugin-1.36.5-150400.3.9.1
nbdkit-devel-1.36.5-150400.3.9.1
nbdkit-example-plugins-1.36.5-150400.3.9.1
nbdkit-gzip-filter-1.36.5-150400.3.9.1
nbdkit-linuxdisk-plugin-1.36.5-150400.3.9.1
nbdkit-nbd-plugin-1.36.5-150400.3.9.1
nbdkit-python-plugin-1.36.5-150400.3.9.1
nbdkit-server-1.36.5-150400.3.9.1
nbdkit-ssh-plugin-1.36.5-150400.3.9.1
nbdkit-tar-filter-1.36.5-150400.3.9.1
nbdkit-tmpdisk-plugin-1.36.5-150400.3.9.1
nbdkit-vddk-plugin-1.36.5-150400.3.9.1
nbdkit-xz-filter-1.36.5-150400.3.9.1
Ссылки
- Link for SUSE-SU-2025:01889-1
- E-Mail link for SUSE-SU-2025:01889-1
- SUSE Security Ratings
- SUSE Bug 1243108
- SUSE Bug 1243110
- SUSE CVE CVE-2025-47711 page
- SUSE CVE CVE-2025-47712 page
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-basic-filters-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-basic-plugins-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-curl-plugin-1.36.5-150400.3.9.1
Ссылки
- CVE-2025-47711
- SUSE Bug 1243110
Описание
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-basic-filters-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-basic-plugins-1.36.5-150400.3.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP6:nbdkit-curl-plugin-1.36.5-150400.3.9.1
Ссылки
- CVE-2025-47712
- SUSE Bug 1243108