Описание
Security update for libical
This update for libical fixes the following issues:
Security issues fixed:
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bsc#986639)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. (bsc#1015964)
Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
libical-1.0.1-16.1
libical-devel-1.0.1-16.1
libical-devel-static-1.0.1-16.1
libical-doc-1.0.1-16.1
libical1-1.0.1-16.1
libical1-32bit-1.0.1-16.1
openSUSE Leap 42.3
libical-1.0.1-16.1
libical-devel-1.0.1-16.1
libical-devel-static-1.0.1-16.1
libical-doc-1.0.1-16.1
libical1-1.0.1-16.1
libical1-32bit-1.0.1-16.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2002-1
- SUSE Security Ratings
Описание
libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.
Затронутые продукты
openSUSE Leap 42.2:libical-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-static-1.0.1-16.1
openSUSE Leap 42.2:libical-doc-1.0.1-16.1
Ссылки
- CVE-2016-5824
- SUSE Bug 1015964
- SUSE Bug 1122983
- SUSE Bug 986631
- SUSE Bug 986639
- SUSE Bug 986642
- SUSE Bug 986658
Описание
The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function.
Затронутые продукты
openSUSE Leap 42.2:libical-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-static-1.0.1-16.1
openSUSE Leap 42.2:libical-doc-1.0.1-16.1
Ссылки
- CVE-2016-5827
- SUSE Bug 986631
- SUSE Bug 986639
- SUSE Bug 986642
- SUSE Bug 986658
Описание
libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file.
Затронутые продукты
openSUSE Leap 42.2:libical-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-1.0.1-16.1
openSUSE Leap 42.2:libical-devel-static-1.0.1-16.1
openSUSE Leap 42.2:libical-doc-1.0.1-16.1
Ссылки
- CVE-2016-9584
- SUSE Bug 1015964