| Revision Date: | 2022-08-29 | Version: | 1 |
| Title: | Security update for oniguruma (Important) (in QA) |
| Description: |
This update for oniguruma fixes the following issues:
- CVE-2019-19246: Fixed an out of bounds access during regular expression matching (bsc#1157805). - CVE-2019-19204: Fixed an out of bounds access when compiling a crafted regular expression (bsc#1164569). - CVE-2019-19203: Fixed an out of bounds access when performing a string search (bsc#1164550). - CVE-2019-16163: Fixed an uncontrolled recursion issue when compiling a crafted regular expression, which could lead to denial of service (bsc#1150130). - CVE-2020-26159: Fixed an off-by-one buffer overflow (bsc#1177179). - CVE-2019-13224: Fixed a potential use-after-free when handling multiple different encodings (bsc#1142847).
This patch is currently in QA and not yet available for download.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1142847
1150130
1157805
1164550
1164569
1177179
CVE-2019-13224
CVE-2019-16163
CVE-2019-19203
CVE-2019-19204
CVE-2019-19246
CVE-2020-26159
|
| Platform(s): | SUSE Linux Enterprise Server 15 SP2-BCL
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 15 SP2-BCL is installed AND Package Information
libonig4-6.7.0-150000.3.3.1 is installed
OR oniguruma-devel-6.7.0-150000.3.3.1 is installed
|