openSUSE-SU-2019:0212-1

Опубликовано: 19 фев. 2019

Источник: suse-cvrf

Описание

Security update for pspp, spread-sheet-widget

This update for pspp to version 1.2.0 fixes the following issues:

Security issue fixed:

CVE-2018-20230: Fixed a heap-based buffer overflow in read_bytes_internal function that could lead to denial-of-service (bsc#1120061).

Other bug fixes and changes:

Add upstream patch to avoid compiling with old Texinfo 4.13.
New experimental command SAVE DATA COLLECTION to save MDD files.
MTIME and YMDHMS variable formats now supported.
Spread sheet rendering now done via spread-sheet-widget.

This update introduces a new package called spread-sheet-widget as dependency.

Список пакетов

openSUSE Leap 42.3

libspread-sheet-widget0-0.3-2.1

pspp-1.2.0-11.1

pspp-devel-1.2.0-11.1

spread-sheet-widget-0.3-2.1

spread-sheet-widget-devel-0.3-2.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00050.html
E-Mail link for openSUSE-SU-2019:0212-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Затронутые продукты

openSUSE Leap 42.3:libspread-sheet-widget0-0.3-2.1

openSUSE Leap 42.3:pspp-1.2.0-11.1

openSUSE Leap 42.3:pspp-devel-1.2.0-11.1

openSUSE Leap 42.3:spread-sheet-widget-0.3-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-20230.html
CVE-2018-20230
https://bugzilla.suse.com/1120061
SUSE Bug 1120061

openSUSE-SU-2019:0212-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-20230

Описание

Затронутые продукты

Ссылки