openSUSE-SU-2017:1275-1

Опубликовано: 12 мая 2017

Источник: suse-cvrf

Описание

Security update for rzip

This update for rzip fixes the following issues:

CVE-2017-8364: heap-based buffer overflow in read_buf function via crafted archive file could lead to crash (boo#1036941)

Список пакетов

openSUSE Leap 42.1

rzip-2.1-151.3.1

openSUSE Leap 42.2

rzip-2.1-151.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-05/msg00055.html
E-Mail link for openSUSE-SU-2017:1275-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The read_buf function in stream.c in rzip 2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted archive.

Затронутые продукты

openSUSE Leap 42.1:rzip-2.1-151.3.1

openSUSE Leap 42.2:rzip-2.1-151.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-8364.html
CVE-2017-8364
https://bugzilla.suse.com/1036941
SUSE Bug 1036941

openSUSE-SU-2017:1275-1

Описание

Список пакетов

openSUSE Leap 42.1

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-8364

Описание

Затронутые продукты

Ссылки