openSUSE-SU-2015:2023-1

Опубликовано: 09 нояб. 2015

Источник: suse-cvrf

Описание

Security update for putty

PuTTY was updated to 0.66 to fix security issues and bugs.

The following vulnerabilities were fixed:

CVE-2015-5309: Malicious ECH control sequences could have caused an integer overflow, buffer underrun in terminal emulator bnc#954191

Also contains all bug fixes up to the 0.66 release.

Список пакетов

openSUSE Leap 42.1

putty-0.66-6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html
E-Mail link for openSUSE-SU-2015:2023-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow.

Затронутые продукты

openSUSE Leap 42.1:putty-0.66-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-5309.html
CVE-2015-5309
https://bugzilla.suse.com/954191
SUSE Bug 954191

openSUSE-SU-2015:2023-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-5309

Описание

Затронутые продукты

Ссылки