openSUSE-SU-2018:0805-1

Опубликовано: 24 мар. 2018

Источник: suse-cvrf

Описание

Security update for libvorbis

This update for libvorbis fixes the following issues:

CVE-2018-5146: Fixed out of bounds memory write while processing Vorbis audio data (bsc#1085687).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3

libvorbis-1.3.3-11.1

libvorbis-devel-1.3.3-11.1

libvorbis-doc-1.3.3-11.1

libvorbis0-1.3.3-11.1

libvorbis0-32bit-1.3.3-11.1

libvorbisenc2-1.3.3-11.1

libvorbisenc2-32bit-1.3.3-11.1

libvorbisfile3-1.3.3-11.1

libvorbisfile3-32bit-1.3.3-11.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00095.html
E-Mail link for openSUSE-SU-2018:0805-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

Затронутые продукты

openSUSE Leap 42.3:libvorbis-1.3.3-11.1

openSUSE Leap 42.3:libvorbis-devel-1.3.3-11.1

openSUSE Leap 42.3:libvorbis-doc-1.3.3-11.1

openSUSE Leap 42.3:libvorbis0-1.3.3-11.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-5146.html
CVE-2018-5146
https://bugzilla.suse.com/1085671
SUSE Bug 1085671
https://bugzilla.suse.com/1085687
SUSE Bug 1085687
https://bugzilla.suse.com/1180395
SUSE Bug 1180395

openSUSE-SU-2018:0805-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-5146

Описание

Затронутые продукты

Ссылки