openSUSE-SU-2017:2607-1

Опубликовано: 29 сент. 2017

Источник: suse-cvrf

Описание

Security update for weechat

This update for weechat fixes the following issues:

CVE-2017-14727: A uninitialized buffer could be used to crash the logger plugin in WeeChat (boo#1060140)

Список пакетов

openSUSE Leap 42.2

weechat-1.8-3.1

weechat-aspell-1.8-3.1

weechat-devel-1.8-3.1

weechat-doc-1.5-2.6.1

weechat-guile-1.8-3.1

weechat-lang-1.8-3.1

weechat-lua-1.8-3.1

weechat-perl-1.8-3.1

weechat-python-1.8-3.1

weechat-ruby-1.8-3.1

weechat-tcl-1.8-3.1

openSUSE Leap 42.3

weechat-1.8-3.1

weechat-aspell-1.8-3.1

weechat-devel-1.8-3.1

weechat-doc-1.5-2.6.1

weechat-guile-1.8-3.1

weechat-lang-1.8-3.1

weechat-lua-1.8-3.1

weechat-perl-1.8-3.1

weechat-python-1.8-3.1

weechat-ruby-1.8-3.1

weechat-tcl-1.8-3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-09/msg00123.html
E-Mail link for openSUSE-SU-2017:2607-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.

Затронутые продукты

openSUSE Leap 42.2:weechat-1.8-3.1

openSUSE Leap 42.2:weechat-aspell-1.8-3.1

openSUSE Leap 42.2:weechat-devel-1.8-3.1

openSUSE Leap 42.2:weechat-doc-1.5-2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-14727.html
CVE-2017-14727
https://bugzilla.suse.com/1060140
SUSE Bug 1060140

openSUSE-SU-2017:2607-1

Описание

Список пакетов

openSUSE Leap 42.2

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-14727

Описание

Затронутые продукты

Ссылки