Oval Definition:oval:org.opensuse.security:def:88685
Revision Date:2019-06-12Version:1
Title:Security update for libcroco (Moderate)
Description:

This update for libcroco fixes the following issues:

Security issues fixed:

- CVE-2017-7960: Fixed heap overflow (input: check end of input before reading a byte) (bsc#1034481). - CVE-2017-7961: Fixed undefined behavior (tknzr: support only max long rgb values) (bsc#1034482). - CVE-2017-8834: Fixed denial of service (memory allocation error) via a crafted CSS file (bsc#1043898). - CVE-2017-8871: Fixed denial of service (infinite loop and CPU consumption) via a crafted CSS file (bsc#1043899).
Family:unixClass:patch
Status:Reference(s):1034481
1034482
1043898
1043899
CVE-2017-7960
CVE-2017-7961
CVE-2017-8834
CVE-2017-8871
SUSE-SU-2019:1468-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libcroco-0_6-3-0.6.11-12.3.1 is installed
  • OR libcroco-0_6-3-32bit-0.6.11-12.3.1 is installed
    • BACK