Описание
Security update for libcaca
This update for libcaca fixes the following issues:
- CVE-2021-30498, CVE-2021-30499: If an image has a size of 0x0, when exporting, no data is written and space is allocated for the header only, not taking into account that sprintf appends a NUL byte (bsc#1184751, bsc#1184752).
Список пакетов
openSUSE Leap 15.3
caca-utils-0.99.beta19.git20171003-11.3.1
libcaca-devel-0.99.beta19.git20171003-11.3.1
libcaca-ruby-0.99.beta19.git20171003-11.3.1
libcaca0-0.99.beta19.git20171003-11.3.1
libcaca0-32bit-0.99.beta19.git20171003-11.3.1
libcaca0-plugins-0.99.beta19.git20171003-11.3.1
libcaca0-plugins-32bit-0.99.beta19.git20171003-11.3.1
python3-caca-0.99.beta19.git20171003-11.3.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0769-1
- SUSE Security Ratings
- SUSE Bug 1184751
- SUSE Bug 1184752
- SUSE CVE CVE-2021-30498 page
- SUSE CVE CVE-2021-30499 page
Описание
A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences.
Затронутые продукты
openSUSE Leap 15.3:caca-utils-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca-devel-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca-ruby-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca0-0.99.beta19.git20171003-11.3.1
Ссылки
- CVE-2021-30498
- SUSE Bug 1184752
- SUSE Bug 1200020
Описание
A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences.
Затронутые продукты
openSUSE Leap 15.3:caca-utils-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca-devel-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca-ruby-0.99.beta19.git20171003-11.3.1
openSUSE Leap 15.3:libcaca0-0.99.beta19.git20171003-11.3.1
Ссылки
- CVE-2021-30499
- SUSE Bug 1184751
- SUSE Bug 1200020