openSUSE-SU-2016:0002-1

Опубликовано: 01 янв. 2016

Источник: suse-cvrf

Описание

Security update for claws-mail

This update for claws-mail fixes the following security issue:

CVE-2015-8614: buffer overrun issues in Japanese character set conversion code could allow an adversary to remotely crash claws and potentially have further unspecified impact (boo#959993)

Список пакетов

openSUSE Leap 42.1

claws-mail-3.12.0-4.1

claws-mail-devel-3.12.0-4.1

claws-mail-lang-3.12.0-4.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-01/msg00000.html
E-Mail link for openSUSE-SU-2016:0002-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion.

Затронутые продукты

openSUSE Leap 42.1:claws-mail-3.12.0-4.1

openSUSE Leap 42.1:claws-mail-devel-3.12.0-4.1

openSUSE Leap 42.1:claws-mail-lang-3.12.0-4.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8614.html
CVE-2015-8614
https://bugzilla.suse.com/959993
SUSE Bug 959993
https://bugzilla.suse.com/960566
SUSE Bug 960566

openSUSE-SU-2016:0002-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-8614

Описание

Затронутые продукты

Ссылки