SUSE-SU-2018:4214-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2018/suse-su-20184214-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:4214-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:4214-1
Related
Published
2018-12-21T05:45:58Z
Modified
2025-05-02T04:07:33.137347Z
Upstream
Summary
Security update for netatalk
Details

This update for netatalk fixes the following issues:

Security issue fixed:

  • CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading for arbitrary code execution with root privileges. (bsc#1119540)
References

Affected packages

SUSE:Linux Enterprise Software Development Kit 11 SP4 / netatalk

Package

Name
netatalk
Purl
pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.3-249.23.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "netatalk-devel": "2.0.3-249.23.3.1",
            "netatalk": "2.0.3-249.23.3.1"
        }
    ]
}