Описание
Security update for libass
This update for libass fixes the following issues:
- CVE-2020-24994: Fixed a stack overflow in the parse_tag (bsc#1184153).
Список пакетов
openSUSE Leap 15.3
libass-devel-0.14.0-3.6.1
libass9-0.14.0-3.6.1
libass9-32bit-0.14.0-3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:1664-1
- SUSE Security Ratings
- SUSE Bug 1184153
- SUSE CVE CVE-2020-24994 page
Описание
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
Затронутые продукты
openSUSE Leap 15.3:libass-devel-0.14.0-3.6.1
openSUSE Leap 15.3:libass9-0.14.0-3.6.1
openSUSE Leap 15.3:libass9-32bit-0.14.0-3.6.1
Ссылки
- CVE-2020-24994
- SUSE Bug 1184153