Описание
Security update for graphviz
This update for graphviz fixes the following issues:
Security issue fixed:
- CVE-2014-9157: Fix format string vulnerability (boo#908426).
Список пакетов
openSUSE Leap 42.2
graphviz-2.38.0-9.1
graphviz-devel-2.38.0-9.1
graphviz-doc-2.38.0-9.3
graphviz-gd-2.38.0-9.3
graphviz-gnome-2.38.0-9.3
graphviz-guile-2.38.0-9.3
graphviz-gvedit-2.38.0-9.1
graphviz-java-2.38.0-9.3
graphviz-lua-2.38.0-9.3
graphviz-perl-2.38.0-9.3
graphviz-php-2.38.0-9.3
graphviz-plugins-2.38.0-9.3
graphviz-python-2.38.0-9.3
graphviz-ruby-2.38.0-9.3
graphviz-smyrna-2.38.0-9.1
graphviz-tcl-2.38.0-9.3
openSUSE Leap 42.3
graphviz-2.38.0-9.1
graphviz-devel-2.38.0-9.1
graphviz-doc-2.38.0-9.3
graphviz-gd-2.38.0-9.3
graphviz-gnome-2.38.0-9.3
graphviz-guile-2.38.0-9.3
graphviz-gvedit-2.38.0-9.1
graphviz-java-2.38.0-9.3
graphviz-lua-2.38.0-9.3
graphviz-perl-2.38.0-9.3
graphviz-php-2.38.0-9.3
graphviz-plugins-2.38.0-9.3
graphviz-python-2.38.0-9.3
graphviz-ruby-2.38.0-9.3
graphviz-smyrna-2.38.0-9.1
graphviz-tcl-2.38.0-9.3
Ссылки
- E-Mail link for openSUSE-SU-2017:3222-1
- SUSE Security Ratings
Описание
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
Затронутые продукты
openSUSE Leap 42.2:graphviz-2.38.0-9.1
openSUSE Leap 42.2:graphviz-devel-2.38.0-9.1
openSUSE Leap 42.2:graphviz-doc-2.38.0-9.3
openSUSE Leap 42.2:graphviz-gd-2.38.0-9.3
Ссылки
- CVE-2014-9157
- SUSE Bug 908426