Описание
Security update for rav1e
This update for rav1e fixes the following issues:
- CVE-2024-58266: shlex: Fixed certain bytes allowed to appear unquoted and unescaped in command arguments (bsc#1247207)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
librav1e0_6-0.6.6-150600.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
librav1e0_6-0.6.6-150600.3.6.1
openSUSE Leap 15.6
librav1e0_6-0.6.6-150600.3.6.1
librav1e0_6-32bit-0.6.6-150600.3.6.1
rav1e-0.6.6-150600.3.6.1
rav1e-devel-0.6.6-150600.3.6.1
Ссылки
- Link for SUSE-SU-2025:03077-1
- E-Mail link for SUSE-SU-2025:03077-1
- SUSE Security Ratings
- SUSE Bug 1230028
- SUSE Bug 1247207
- SUSE CVE CVE-2024-58266 page
Описание
The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:librav1e0_6-0.6.6-150600.3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7:librav1e0_6-0.6.6-150600.3.6.1
openSUSE Leap 15.6:librav1e0_6-0.6.6-150600.3.6.1
openSUSE Leap 15.6:librav1e0_6-32bit-0.6.6-150600.3.6.1
Ссылки
- CVE-2024-58266
- SUSE Bug 1247186