openSUSE-SU-2021:2937-1

Опубликовано: 03 сент. 2021

Источник: suse-cvrf

Описание

Security update for libesmtp

This update for libesmtp fixes the following issues:

CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).

Список пакетов

openSUSE Leap 15.3

libesmtp-1.0.6-150.4.1

libesmtp-devel-1.0.6-150.4.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TGZ4L5IPYNOJTWC7WZTAMPSFHIGKXQAE/
E-Mail link for openSUSE-SU-2021:2937-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1160462
SUSE Bug 1160462
https://bugzilla.suse.com/1189097
SUSE Bug 1189097
https://www.suse.com/security/cve/CVE-2019-19977/
SUSE CVE CVE-2019-19977 page

Описание

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

Затронутые продукты

openSUSE Leap 15.3:libesmtp-1.0.6-150.4.1

openSUSE Leap 15.3:libesmtp-devel-1.0.6-150.4.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-19977.html
CVE-2019-19977
https://bugzilla.suse.com/1160462
SUSE Bug 1160462
https://bugzilla.suse.com/1189097
SUSE Bug 1189097
https://bugzilla.suse.com/1190329
SUSE Bug 1190329
https://bugzilla.suse.com/1191840
SUSE Bug 1191840
https://bugzilla.suse.com/1192365
SUSE Bug 1192365
https://bugzilla.suse.com/1193380
SUSE Bug 1193380
https://bugzilla.suse.com/1193381
SUSE Bug 1193381

openSUSE-SU-2021:2937-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2019-19977

Описание

Затронутые продукты

Ссылки