Oval Definition:oval:org.opensuse.security:def:88870
Revision Date:2019-04-02Version:1
Title:Security update for file (Moderate)
Description:

This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974 CVE-2018-10360). - CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118) - CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c (bsc#1126119) - CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117)
Family:unixClass:patch
Status:Reference(s):1096974
1096984
1126117
1126118
1126119
CVE-2018-10360
CVE-2019-8905
CVE-2019-8906
CVE-2019-8907
SUSE-SU-2019:0839-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • file-5.22-10.12.2 is installed
  • OR file-magic-5.22-10.12.2 is installed
  • OR libmagic1-5.22-10.12.2 is installed
  • OR libmagic1-32bit-5.22-10.12.2 is installed
    • BACK