openSUSE-SU-2019:1455-1

Опубликовано: 27 мая 2019

Источник: suse-cvrf

Описание

Security update for transfig

This update for transfig fixes the following issues:

Security issue fixed:

CVE-2018-16140: Fixed a buffer underwrite vulnerability in get_line() in read.c, which allowed an attacker to write prior to the beginning of the buffer via specially crafted .fig file (bsc#1106531)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

transfig-3.2.6a-lp151.4.3.1

openSUSE Leap 15.1

transfig-3.2.6a-lp151.4.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KCF4K7GDJWORSQSIBKFFBWXZGUW6T5MN/#KCF4K7GDJWORSQSIBKFFBWXZGUW6T5MN
E-Mail link for openSUSE-SU-2019:1455-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1106531
SUSE Bug 1106531
https://www.suse.com/security/cve/CVE-2018-16140/
SUSE CVE CVE-2018-16140 page

Описание

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

Затронутые продукты

openSUSE Leap 15.0:transfig-3.2.6a-lp151.4.3.1

openSUSE Leap 15.1:transfig-3.2.6a-lp151.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-16140.html
CVE-2018-16140
https://bugzilla.suse.com/1106531
SUSE Bug 1106531

openSUSE-SU-2019:1455-1

Описание

Список пакетов

openSUSE Leap 15.0

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2018-16140

Описание

Затронутые продукты

Ссылки