Oval Definition:	oval:org.opensuse.security:def:20181000221
Revision Date: 2022-06-30 Version: 1 Title: CVE-2018-1000221 Description: pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow. This attack appear to be exploitable via specially crafted .pc file. This vulnerability appears to have been fixed in 1.5.3. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2018-1000221 SUSE CVE-2018-1000221 Platform(s): openSUSE Tumbleweed SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND pkg-config is not affected Definition Synopsis openSUSE Tumbleweed is installed AND Package Information libpkgconf-devel-1.8.0-1.2 is installed OR libpkgconf3-1.8.0-1.2 is installed OR pkgconf-1.8.0-1.2 is installed OR pkgconf-m4-1.8.0-1.2 is installed OR pkgconf-pkg-config-1.8.0-1.2 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 is installed OR SUSE Linux Enterprise High Performance Computing 15 is installed OR SUSE Linux Enterprise Module for Basesystem 15 is installed OR SUSE Linux Enterprise Server 15 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 is installed AND pkg-config is not affected Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND pkg-config is not affected
BACK