Описание
Security update for global
This update for global fixes the following issues:
- CVE-2024-38448: htags may allow code execution via untrusted dbpath (boo#1226420)
Список пакетов
SUSE Package Hub 15 SP5
global-6.6.9-bp156.3.3.1
SUSE Package Hub 15 SP6
global-6.6.9-bp156.3.3.1
openSUSE Leap 15.5
global-6.6.9-bp156.3.3.1
openSUSE Leap 15.6
global-6.6.9-bp156.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0210-1
- SUSE Security Ratings
- SUSE Bug 1226420
- SUSE CVE CVE-2024-38448 page
Описание
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used.
Затронутые продукты
SUSE Package Hub 15 SP5:global-6.6.9-bp156.3.3.1
SUSE Package Hub 15 SP6:global-6.6.9-bp156.3.3.1
openSUSE Leap 15.5:global-6.6.9-bp156.3.3.1
openSUSE Leap 15.6:global-6.6.9-bp156.3.3.1
Ссылки
- CVE-2024-38448
- SUSE Bug 1226420