Описание
Security update for libass
This update for libass fixes the following issues:
- Fixed situations that could cause uninitialised memory to be used, leading to undefined behaviour. (boo#1002982, CVE-2016-7969, CVE-2016-7972)
Список пакетов
openSUSE Leap 42.1
libass-0.12.3-6.1
libass-devel-0.12.3-6.1
libass5-0.12.3-6.1
libass5-32bit-0.12.3-6.1
Ссылки
- E-Mail link for openSUSE-SU-2016:3087-1
- SUSE Security Ratings
Описание
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
Затронутые продукты
openSUSE Leap 42.1:libass-0.12.3-6.1
openSUSE Leap 42.1:libass-devel-0.12.3-6.1
openSUSE Leap 42.1:libass5-0.12.3-6.1
openSUSE Leap 42.1:libass5-32bit-0.12.3-6.1
Ссылки
- CVE-2016-7969
- SUSE Bug 1002982
Описание
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
Затронутые продукты
openSUSE Leap 42.1:libass-0.12.3-6.1
openSUSE Leap 42.1:libass-devel-0.12.3-6.1
openSUSE Leap 42.1:libass5-0.12.3-6.1
openSUSE Leap 42.1:libass5-32bit-0.12.3-6.1
Ссылки
- CVE-2016-7972
- SUSE Bug 1002982