openSUSE-SU-2017:1857-1

Опубликовано: 13 июл. 2017

Источник: suse-cvrf

Описание

Security update for libcares2

This update for libcares2 fixes the following issues:

CVE-2017-1000381: A NAPTR parser out of bounds access was fixed that could lead to crashes. (bsc#1044946)

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.2

libcares-devel-1.9.1-8.3.1

libcares2-1.9.1-8.3.1

libcares2-32bit-1.9.1-8.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-07/msg00059.html
E-Mail link for openSUSE-SU-2017:1857-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.

Затронутые продукты

openSUSE Leap 42.2:libcares-devel-1.9.1-8.3.1

openSUSE Leap 42.2:libcares2-1.9.1-8.3.1

openSUSE Leap 42.2:libcares2-32bit-1.9.1-8.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-1000381.html
CVE-2017-1000381
https://bugzilla.suse.com/1044946
SUSE Bug 1044946

openSUSE-SU-2017:1857-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-1000381

Описание

Затронутые продукты

Ссылки