openSUSE-SU-2018:0883-1

Опубликовано: 05 апр. 2018

Источник: suse-cvrf

Описание

Security update for graphite2

This update for graphite2 fixes the following issues:

CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce (bsc#1084850).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3

graphite2-1.3.1-7.3.1

graphite2-devel-1.3.1-7.3.1

libgraphite2-3-1.3.1-7.3.1

libgraphite2-3-32bit-1.3.1-7.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-04/msg00002.html
E-Mail link for openSUSE-SU-2018:0883-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.

Затронутые продукты

openSUSE Leap 42.3:graphite2-1.3.1-7.3.1

openSUSE Leap 42.3:graphite2-devel-1.3.1-7.3.1

openSUSE Leap 42.3:libgraphite2-3-1.3.1-7.3.1

openSUSE Leap 42.3:libgraphite2-3-32bit-1.3.1-7.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-7999.html
CVE-2018-7999
https://bugzilla.suse.com/1084850
SUSE Bug 1084850

openSUSE-SU-2018:0883-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-7999

Описание

Затронутые продукты

Ссылки