| Revision Date: | 2017-08-17 | Version: | 1 |
| Title: | Security update for libplist (Moderate) |
| Description: |
This update for libplist fixes the following issues:
Security issues fixed:
- CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. (bsc#1029638) - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. (bsc#1029706) - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service (out-of-bounds read) via a crafted plist file. (bsc#1029707) - CVE-2017-6436: Integer overflow in parse_string_node. (bsc#1029751) - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow. (bsc#1029639)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1029638
1029639
1029706
1029707
1029751
CVE-2017-6435
CVE-2017-6436
CVE-2017-6437
CVE-2017-6438
CVE-2017-6439
SUSE-SU-2017:2201-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP3
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed AND libplist3-1.12-20.3.2 is installed
|