openSUSE-SU-2018:2790-1

Опубликовано: 21 сент. 2018

Источник: suse-cvrf

Описание

Security update for pango

This update for pango fixes the following issue:

Security issue fixed:

CVE-2018-15120: Fixed a denial of service when parsing emoji (bsc#1103877)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

libpango-1_0-0-1.40.14-lp150.2.3.1

libpango-1_0-0-32bit-1.40.14-lp150.2.3.1

pango-1.40.14-lp150.2.3.1

pango-devel-1.40.14-lp150.2.3.1

pango-devel-32bit-1.40.14-lp150.2.3.1

pango-tools-1.40.14-lp150.2.3.1

typelib-1_0-Pango-1_0-1.40.14-lp150.2.3.1

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00043.html
E-Mail link for openSUSE-SU-2018:2790-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

Затронутые продукты

openSUSE Leap 15.0:libpango-1_0-0-1.40.14-lp150.2.3.1

openSUSE Leap 15.0:libpango-1_0-0-32bit-1.40.14-lp150.2.3.1

openSUSE Leap 15.0:pango-1.40.14-lp150.2.3.1

openSUSE Leap 15.0:pango-devel-1.40.14-lp150.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-15120.html
CVE-2018-15120
https://bugzilla.suse.com/1103877
SUSE Bug 1103877

openSUSE-SU-2018:2790-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2018-15120

Описание

Затронутые продукты

Ссылки