Описание
Security update for libspf2
This update for libspf2 fixes the following issue:
- CVE-2021-20314: A remote overflow in SPF parsing could lead to remote code execution (bsc#1189104)
Список пакетов
SUSE Package Hub 15 SP1
libspf2-2-1.2.10-bp153.5.1
libspf2-devel-1.2.10-bp153.5.1
libspf2-tools-1.2.10-bp153.5.1
SUSE Package Hub 15 SP2
libspf2-2-1.2.10-bp153.5.1
libspf2-devel-1.2.10-bp153.5.1
libspf2-tools-1.2.10-bp153.5.1
SUSE Package Hub 15 SP3
libspf2-2-1.2.10-bp153.5.1
libspf2-devel-1.2.10-bp153.5.1
libspf2-tools-1.2.10-bp153.5.1
openSUSE Leap 15.2
libspf2-2-1.2.10-bp153.5.1
libspf2-devel-1.2.10-bp153.5.1
libspf2-tools-1.2.10-bp153.5.1
openSUSE Leap 15.3
libspf2-2-1.2.10-bp153.5.1
libspf2-devel-1.2.10-bp153.5.1
libspf2-tools-1.2.10-bp153.5.1
Ссылки
- E-Mail link for openSUSE-SU-2021:1187-1
- SUSE Security Ratings
- SUSE Bug 1189104
- SUSE CVE CVE-2021-20314 page
Описание
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.
Затронутые продукты
SUSE Package Hub 15 SP1:libspf2-2-1.2.10-bp153.5.1
SUSE Package Hub 15 SP1:libspf2-devel-1.2.10-bp153.5.1
SUSE Package Hub 15 SP1:libspf2-tools-1.2.10-bp153.5.1
SUSE Package Hub 15 SP2:libspf2-2-1.2.10-bp153.5.1
Ссылки
- CVE-2021-20314
- SUSE Bug 1189104