Описание
Security update for iniparser
This update for iniparser fixes the following issues:
- CVE-2025-0633: string copy into buffer without previous size validation leads to heap buffer overflow in iniparser_dumpsection_ini() of iniparser (bsc#1237377).
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libiniparser-devel-3.1.0.git20140619_c5beb80a-3.6.1
libiniparser0-3.1.0.git20140619_c5beb80a-3.6.1
libiniparser0-32bit-3.1.0.git20140619_c5beb80a-3.6.1
Ссылки
- Link for SUSE-SU-2025:0845-1
- E-Mail link for SUSE-SU-2025:0845-1
- SUSE Security Ratings
- SUSE Bug 1237377
- SUSE CVE CVE-2025-0633 page
Описание
Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libiniparser-devel-3.1.0.git20140619_c5beb80a-3.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libiniparser0-3.1.0.git20140619_c5beb80a-3.6.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libiniparser0-32bit-3.1.0.git20140619_c5beb80a-3.6.1
Ссылки
- CVE-2025-0633
- SUSE Bug 1237376
- SUSE Bug 1237377