openSUSE-SU-2018:0498-1

Опубликовано: 20 фев. 2018

Источник: suse-cvrf

Описание

Security update for transfig

This update for transfig fixes the following issues:

CVE-2017-16899: Do some input sanitizing when reading FIG files to avoid crashes (boo#1069257)

Список пакетов

openSUSE Leap 42.3

transfig-3.2.5e-7.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-02/msg00081.html
E-Mail link for openSUSE-SU-2018:0498-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.

Затронутые продукты

openSUSE Leap 42.3:transfig-3.2.5e-7.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-16899.html
CVE-2017-16899
https://bugzilla.suse.com/1069257
SUSE Bug 1069257

openSUSE-SU-2018:0498-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-16899

Описание

Затронутые продукты

Ссылки