Описание
Security update for libimobiledevice, libusbmuxd
This update for libimobiledevice, libusbmuxd fixes the following issues:
- Add libimobiledevice-CVE-2016-5104.patch: Make sure sockets only listen locally (CVE-2016-5104, boo#982014).
Список пакетов
openSUSE Leap 42.1
imobiledevice-tools-1.2.0-6.2
iproxy-1.0.10-4.1
libimobiledevice-1.2.0-6.2
libimobiledevice-devel-1.2.0-6.2
libimobiledevice-doc-1.2.0-6.2
libimobiledevice6-1.2.0-6.2
libimobiledevice6-32bit-1.2.0-6.2
libusbmuxd-1.0.10-4.1
libusbmuxd-devel-1.0.10-4.1
libusbmuxd4-1.0.10-4.1
libusbmuxd4-32bit-1.0.10-4.1
python-imobiledevice-1.2.0-6.2
Ссылки
- E-Mail link for openSUSE-SU-2016:1526-1
- SUSE Security Ratings
Описание
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Затронутые продукты
openSUSE Leap 42.1:imobiledevice-tools-1.2.0-6.2
openSUSE Leap 42.1:iproxy-1.0.10-4.1
openSUSE Leap 42.1:libimobiledevice-1.2.0-6.2
openSUSE Leap 42.1:libimobiledevice-devel-1.2.0-6.2
Ссылки
- CVE-2016-5104
- SUSE Bug 982014