Описание
Security update for gdal
This update for gdal to version 2.4.3 fixes the following issues:
gdal was updated to 2.4.3:
- CVE-2019-17545: Fixed a double free vulnerability in OGRExpatRealloc (boo#1153918).
- Multiple bug and stability fixes
For more information regarding the release at: https://trac.osgeo.org/gdal/wiki/Release/2.4.3-News
Список пакетов
SUSE Package Hub 15 SP1
gdal-2.4.3-bp151.4.3.1
gdal-devel-2.4.3-bp151.4.3.1
libgdal20-2.4.3-bp151.4.3.1
perl-gdal-2.4.3-bp151.4.3.1
python2-GDAL-2.4.3-bp151.4.3.1
python3-GDAL-2.4.3-bp151.4.3.1
openSUSE Leap 15.1
gdal-2.4.3-bp151.4.3.1
gdal-devel-2.4.3-bp151.4.3.1
libgdal20-2.4.3-bp151.4.3.1
perl-gdal-2.4.3-bp151.4.3.1
python2-GDAL-2.4.3-bp151.4.3.1
python3-GDAL-2.4.3-bp151.4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2466-1
- SUSE Security Ratings
- SUSE Bug 1153918
- SUSE CVE CVE-2019-17545 page
Описание
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
Затронутые продукты
SUSE Package Hub 15 SP1:gdal-2.4.3-bp151.4.3.1
SUSE Package Hub 15 SP1:gdal-devel-2.4.3-bp151.4.3.1
SUSE Package Hub 15 SP1:libgdal20-2.4.3-bp151.4.3.1
SUSE Package Hub 15 SP1:perl-gdal-2.4.3-bp151.4.3.1
Ссылки
- CVE-2019-17545
- SUSE Bug 1153918