Oval Definition:oval:org.opensuse.security:def:94453
Revision Date:2022-06-02Version:1
Title: (Moderate)
Description:

This update for libarchive fixes the following issues:

- CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init (bsc#1197634). - CVE-2021-36976: Fixed use-after-free in copy_string (called from do_uncompress_block and process_block) (bsc#1188572). - CVE-2017-5601: Fixed out-of-bounds memory access preventing denial-of-service (bsc#1197634, bsc#1189528).
Family:unixClass:patch
Status:Reference(s):1022528
1178666
1178667
1178668
1188572
1189528
1197634
CVE-2017-5601
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
CVE-2021-36976
CVE-2022-26280
SUSE-SU-2020:3476-1
Platform(s):Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND postgresql10-10.15-8.22.1 is installed
    • Definition Synopsis
  • Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE is installed
  • AND libarchive13-3.5.1-150400.3.3.1 is installed
    • BACK