You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa lout

Sigurnosni nedostaci programskog paketa lout

openSUSE Security Update: Security update for lout
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1813-1
Rating: important
References: #1159713 #1159714
Cross-References: CVE-2019-19917 CVE-2019-19918
Affected Products:
openSUSE Backports SLE-15-SP2
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for lout fixes the following issues:

– CVE-2019-19918: Fixed buffer overflow in srcnext() (boo#1159713).
– CVE-2019-19917: Fixed buffer overflow in StringQuotedWord()
(boo#1159714).

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2020-1813=1

Package List:

– openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

lout-3.40-bp152.4.3.1

References:

https://protect2.fireeye.com/v1/url?k=9a174138-c58b5b26-9a10dcf4-000babd90757-46196f7b4bfff0ad&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19917.html
https://protect2.fireeye.com/v1/url?k=b050b335-efcca92b-b0572ef9-000babd90757-0da707f023ceacb6&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19918.html
https://protect2.fireeye.com/v1/url?k=cdd6c8db-924ad2c5-cdd15517-000babd90757-1c5598cf65c8bd26&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fbugzilla.suse.com%2F1159713
https://protect2.fireeye.com/v1/url?k=c8520212-97ce180c-c8559fde-000babd90757-30d60b0228c84f70&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fbugzilla.suse.com%2F1159714


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

openSUSE Security Update: Security update for lout
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1812-1
Rating: important
References: #1159713 #1159714
Cross-References: CVE-2019-19917 CVE-2019-19918
Affected Products:
openSUSE Backports SLE-15-SP1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for lout fixes the following issues:

– CVE-2019-19918: Fixed buffer overflow in srcnext() (boo#1159713).
– CVE-2019-19917: Fixed buffer overflow in StringQuotedWord()
(boo#1159714).

This update was imported from the openSUSE:Leap:15.1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-1812=1

Package List:

– openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):

lout-3.40-bp151.2.3.1

References:

https://protect2.fireeye.com/v1/url?k=c0ecfbd7-9f70e1c9-c0eb661b-000babd90757-5a445d06c2b8c279&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19917.html
https://protect2.fireeye.com/v1/url?k=210ebee9-7e92a4f7-21092325-000babd90757-1b03a8e050e07698&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19918.html
https://protect2.fireeye.com/v1/url?k=956d880a-caf19214-956a15c6-000babd90757-12730ce2e92271bc&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fbugzilla.suse.com%2F1159713
https://protect2.fireeye.com/v1/url?k=96a3cf56-c93fd548-96a4529a-000babd90757-95e8c834741b43ac&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fbugzilla.suse.com%2F1159714


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa pagure

Otkriven je sigurnosni nedostatak u programskom paketu pagure za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje XSS napada....

Close