openSUSE-SU-2016:2729-1

Опубликовано: 04 нояб. 2016

Источник: suse-cvrf

Описание

Security update for libraw

This update for libraw fixes the following issues:

CVE-2015-8367: Memory objects are not intialized properly (boo#957517).

Список пакетов

openSUSE Leap 42.1

libraw-0.16.2-4.1

libraw-devel-0.16.2-4.1

libraw-devel-static-0.16.2-4.1

libraw-tools-0.16.2-4.1

libraw10-0.16.2-4.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-11/msg00011.html
E-Mail link for openSUSE-SU-2016:2729-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.

Затронутые продукты

openSUSE Leap 42.1:libraw-0.16.2-4.1

openSUSE Leap 42.1:libraw-devel-0.16.2-4.1

openSUSE Leap 42.1:libraw-devel-static-0.16.2-4.1

openSUSE Leap 42.1:libraw-tools-0.16.2-4.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8367.html
CVE-2015-8367
https://bugzilla.suse.com/1006704
SUSE Bug 1006704
https://bugzilla.suse.com/1006717
SUSE Bug 1006717
https://bugzilla.suse.com/957517
SUSE Bug 957517

openSUSE-SU-2016:2729-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-8367

Описание

Затронутые продукты

Ссылки