exploitDog

openSUSE-SU-2023:0054-1

Опубликовано: 20 фев. 2023

Источник: suse-cvrf

Описание

Security update for jhead

This update for jhead fixes the following issues:

Fixed autorotation problem caused by CVE-2022-41751 patch. [boo#1207150]

Список пакетов

SUSE Package Hub 15 SP4

jhead-3.06.0.1-bp154.2.9.1

openSUSE Leap 15.4

jhead-3.06.0.1-bp154.2.9.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CYBVUZVIEIGVABNKE655UZMRZXPY7BPJ/
E-Mail link for openSUSE-SU-2023:0054-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1207150
SUSE Bug 1207150
https://www.suse.com/security/cve/CVE-2022-41751/
SUSE CVE CVE-2022-41751 page

Описание

Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.

Затронутые продукты

SUSE Package Hub 15 SP4:jhead-3.06.0.1-bp154.2.9.1

openSUSE Leap 15.4:jhead-3.06.0.1-bp154.2.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-41751.html
CVE-2022-41751
https://bugzilla.suse.com/1204409
SUSE Bug 1204409