Описание
Security update for iniparser
This update for iniparser fixes the following issues:
- CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparser_dumpsection_ini() of iniparser (bsc#1237377).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
libiniparser1-4.1-150500.4.8.1
openSUSE Leap 15.6
libiniparser-devel-4.1-150500.4.8.1
libiniparser1-4.1-150500.4.8.1
libiniparser1-32bit-4.1-150500.4.8.1
Ссылки
- Link for SUSE-SU-2025:0821-1
- E-Mail link for SUSE-SU-2025:0821-1
- SUSE Security Ratings
- SUSE Bug 1237377
- SUSE CVE CVE-2025-0633 page
Описание
Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libiniparser1-4.1-150500.4.8.1
openSUSE Leap 15.6:libiniparser-devel-4.1-150500.4.8.1
openSUSE Leap 15.6:libiniparser1-32bit-4.1-150500.4.8.1
openSUSE Leap 15.6:libiniparser1-4.1-150500.4.8.1
Ссылки
- CVE-2025-0633
- SUSE Bug 1237376
- SUSE Bug 1237377