Описание
Security update for pspp
This update for pspp fixes the following issues:
CVE-2017-10792: Crafted input could have allowed a denial of service attack via a NULL pointer dereference in ll_insert (boo#1046997) CVE-2017-10791: Crafted input could have allowed a denial of service attack via an integer overflow in the hash_int library (boo#1046998)
Список пакетов
openSUSE Leap 42.2
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2017:2123-1
- SUSE Security Ratings
Описание
There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
Затронутые продукты
Ссылки
- CVE-2017-10791
- SUSE Bug 1046998
Описание
There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
Затронутые продукты
Ссылки
- CVE-2017-10792
- SUSE Bug 1046997