openSUSE-SU-2018:0329-1

Опубликовано: 31 янв. 2018

Источник: suse-cvrf

Описание

Security update for freeimage

This update for freeimage fixes one issues.

This security issue was fixed:

CVE-2016-5684: Prevent out-of-bounds write vulnerability in the XMP image handling functionality. A specially crafted XMP file could have caused an arbitrary memory overwrite resulting in code execution (boo#1002621).

Список пакетов

openSUSE Leap 42.3

freeimage-3.17.0-5.1

freeimage-devel-3.17.0-5.1

libfreeimage3-3.17.0-5.1

libfreeimageplus3-3.17.0-5.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00000.html
E-Mail link for openSUSE-SU-2018:0329-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability.

Затронутые продукты

openSUSE Leap 42.3:freeimage-3.17.0-5.1

openSUSE Leap 42.3:freeimage-devel-3.17.0-5.1

openSUSE Leap 42.3:libfreeimage3-3.17.0-5.1

openSUSE Leap 42.3:libfreeimageplus3-3.17.0-5.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-5684.html
CVE-2016-5684
https://bugzilla.suse.com/1002621
SUSE Bug 1002621

openSUSE-SU-2018:0329-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2016-5684

Описание

Затронутые продукты

Ссылки