SUSE-SU-2017:1156-1

CVE-2017-6369: Insufficient checks in the UDF subsystem in Firebird allowed remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so (bsc#1023990).

References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP1 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP2 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP1 / firebird

Package

Name: firebird
Purl: pkg:rpm/suse/firebird&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "firebird-devel": "2.5.2.26539-15.1",
            "libfbembed-devel": "2.5.2.26539-15.1",
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP1 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "firebird-devel": "2.5.2.26539-15.1",
            "libfbembed-devel": "2.5.2.26539-15.1",
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "libfbembed-devel": "2.5.2.26539-15.1",
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP1 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP2 / firebird-classic

Package

Name: firebird-classic
Purl: pkg:rpm/suse/firebird-classic&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.5.2.26539-15.1

Ecosystem specific

{
    "binaries": [
        {
            "libfbembed2_5": "2.5.2.26539-15.1"
        }
    ]
}