openSUSE-SU-2017:3095-1

Опубликовано: 25 нояб. 2017

Источник: suse-cvrf

Описание

Security update for tnef

This update for tnef fixes the following issues:

Security issue fixed:

CVE-2017-8911: Fix underflow problem (boo#1038837).

Bug fixes:

Update to version 1.4.15:
- Use __builtin_mul_overflow when available.
- Fixing Unicode related bugs introduced in previous release.
- Prevent against various cases of null derefences, buffer overshooting, and fix some integer overflows.

Список пакетов

openSUSE Leap 42.2

tnef-1.4.15-8.1

openSUSE Leap 42.3

tnef-1.4.15-8.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-11/msg00077.html
E-Mail link for openSUSE-SU-2017:3095-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An integer underflow has been identified in the unicode_to_utf8() function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker.

Затронутые продукты

openSUSE Leap 42.2:tnef-1.4.15-8.1

openSUSE Leap 42.3:tnef-1.4.15-8.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-8911.html
CVE-2017-8911
https://bugzilla.suse.com/1038837
SUSE Bug 1038837

openSUSE-SU-2017:3095-1

Описание

Список пакетов

openSUSE Leap 42.2

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-8911

Описание

Затронутые продукты

Ссылки