openSUSE-SU-2016:1977-1

Опубликовано: 05 авг. 2016

Источник: suse-cvrf

Описание

Security update for bsdiff

This update for bsdiff fixes the following issues:

CVE-2014-9862: Improper checking of input allows arbitrary write on heap (boo#990660)

Список пакетов

openSUSE Leap 42.1

bsdiff-4.3-9.2

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html
E-Mail link for openSUSE-SU-2016:1977-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.

Затронутые продукты

openSUSE Leap 42.1:bsdiff-4.3-9.2

Ссылки

https://www.suse.com/security/cve/CVE-2014-9862.html
CVE-2014-9862
https://bugzilla.suse.com/1173974
SUSE Bug 1173974
https://bugzilla.suse.com/990660
SUSE Bug 990660

openSUSE-SU-2016:1977-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2014-9862

Описание

Затронутые продукты

Ссылки