openSUSE-SU-2021:1024-1

Опубликовано: 11 июл. 2021

Источник: suse-cvrf

Описание

Security update for openscad

This update for openscad fixes the following issues:

CVE-2020-28600: A specially crafted STL file could lead to code execution via out-of-bounds write in import_stl.cc:import_stl() (bsc#1185975)

Список пакетов

openSUSE Leap 15.2

openscad-2019.05-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TD6AL34245BXDPEWDDFP4UJMOIXTZWMV/
E-Mail link for openSUSE-SU-2021:1024-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1185975
SUSE Bug 1185975
https://www.suse.com/security/cve/CVE-2020-28600/
SUSE CVE CVE-2020-28600 page

Описание

An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Затронутые продукты

openSUSE Leap 15.2:openscad-2019.05-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-28600.html
CVE-2020-28600
https://bugzilla.suse.com/1185975
SUSE Bug 1185975

openSUSE-SU-2021:1024-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-28600

Описание

Затронутые продукты

Ссылки