exploitDog

openSUSE-SU-2017:0828-1

Published: 27 Mar 2017
Source: suse-cvrf

Description

Security update for gegl

This update for gegl fixes the following issues:

Security issue fixed:

  • Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to ppm-load op (bsc#789835).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Package list

openSUSE Leap 42.2
gegl-0.2.0-16.1
gegl-0_2-0.2.0-16.1
gegl-0_2-lang-0.2.0-16.1
gegl-devel-0.2.0-16.1
gegl-doc-0.2.0-16.1
libgegl-0_2-0-0.2.0-16.1

Description

Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.


Affected products
openSUSE Leap 42.2:gegl-0.2.0-16.1
openSUSE Leap 42.2:gegl-0_2-0.2.0-16.1
openSUSE Leap 42.2:gegl-0_2-lang-0.2.0-16.1
openSUSE Leap 42.2:gegl-devel-0.2.0-16.1

References
Vulnerability openSUSE-SU-2017:0828-1