SUSE-SU-2015:1484-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1484-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2015:1484-1
- Related
- Published
- 2015-07-31T15:10:23Z
- Modified
- 2015-07-31T15:10:23Z
- Summary
- Security update for libwmf
- Details
-
libwmf was updated to fix five security issues.
These security issues were fixed: - CVE-2009-1364: Fixed realloc return value usage (bsc#495842, bnc#831299) - CVE-2015-0848: Heap overflow on libwmf0.2-7 (bsc#933109) - CVE-2015-4588: DecodeImage() did not check that the run-length 'count' fits into the total size of the image, which could lead to a heap-based buffer overflow (bsc#933109) - CVE-2015-4695: metapencreate heap buffer over read (bsc#936058) - CVE-2015-4696: Use after free (bsc#936062)
- References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20151484-1/
- https://bugzilla.suse.com/495842
- https://bugzilla.suse.com/831299
- https://bugzilla.suse.com/933109
- https://bugzilla.suse.com/936058
- https://bugzilla.suse.com/936062
- https://www.suse.com/security/cve/CVE-2009-1364
- https://www.suse.com/security/cve/CVE-2015-0848
- https://www.suse.com/security/cve/CVE-2015-4588
- https://www.suse.com/security/cve/CVE-2015-4695
- https://www.suse.com/security/cve/CVE-2015-4696
Affected packages
SUSE:Linux Enterprise Desktop 12 / libwmf
Package
- Name
- libwmf
- Purl
- purl:rpm/suse/libwmf&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
SUSE:Linux Enterprise Software Development Kit 12 / libwmf
Package
- Name
- libwmf
- Purl
- purl:rpm/suse/libwmf&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012