openSUSE Security Update: Security update for lout
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1813-1
Rating: important
References: #1159713 #1159714
Cross-References: CVE-2019-19917 CVE-2019-19918
Affected Products:
openSUSE Backports SLE-15-SP2
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for lout fixes the following issues:
– CVE-2019-19918: Fixed buffer overflow in srcnext() (boo#1159713).
– CVE-2019-19917: Fixed buffer overflow in StringQuotedWord()
(boo#1159714).
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2020-1813=1
Package List:
– openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):
lout-3.40-bp152.4.3.1
References:
https://protect2.fireeye.com/v1/url?k=9a174138-c58b5b26-9a10dcf4-000babd90757-46196f7b4bfff0ad&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19917.html
https://protect2.fireeye.com/v1/url?k=b050b335-efcca92b-b0572ef9-000babd90757-0da707f023ceacb6&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19918.html
https://protect2.fireeye.com/v1/url?k=cdd6c8db-924ad2c5-cdd15517-000babd90757-1c5598cf65c8bd26&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fbugzilla.suse.com%2F1159713
https://protect2.fireeye.com/v1/url?k=c8520212-97ce180c-c8559fde-000babd90757-30d60b0228c84f70&q=1&e=cc5ec599-3e9f-45d4-b097-c7424cdb432e&u=https%3A%2F%2Fbugzilla.suse.com%2F1159714
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
openSUSE Security Update: Security update for lout
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1812-1
Rating: important
References: #1159713 #1159714
Cross-References: CVE-2019-19917 CVE-2019-19918
Affected Products:
openSUSE Backports SLE-15-SP1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for lout fixes the following issues:
– CVE-2019-19918: Fixed buffer overflow in srcnext() (boo#1159713).
– CVE-2019-19917: Fixed buffer overflow in StringQuotedWord()
(boo#1159714).
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-1812=1
Package List:
– openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):
lout-3.40-bp151.2.3.1
References:
https://protect2.fireeye.com/v1/url?k=c0ecfbd7-9f70e1c9-c0eb661b-000babd90757-5a445d06c2b8c279&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19917.html
https://protect2.fireeye.com/v1/url?k=210ebee9-7e92a4f7-21092325-000babd90757-1b03a8e050e07698&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2019-19918.html
https://protect2.fireeye.com/v1/url?k=956d880a-caf19214-956a15c6-000babd90757-12730ce2e92271bc&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fbugzilla.suse.com%2F1159713
https://protect2.fireeye.com/v1/url?k=96a3cf56-c93fd548-96a4529a-000babd90757-95e8c834741b43ac&q=1&e=be880040-a132-461b-8091-492a0582f7b2&u=https%3A%2F%2Fbugzilla.suse.com%2F1159714
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org