SUSE-SU-2019:1267-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2019/suse-su-20191267-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:1267-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2019:1267-1

Related

CVE-2019-11023

Published

2019-05-16T07:55:34Z

Modified

2025-05-02T04:08:35.379574Z

Upstream

CVE-2019-11023

Summary

Security update for graphviz

Details

This update for graphviz fixes the following issues:

Security issue fixed:

CVE-2019-11023: Fixed a denial of service vulnerability, which was caused by a NULL pointer dereference in agroot() (bsc#1132091).

References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 / graphviz

Package

Name: graphviz
Purl: pkg:rpm/suse/graphviz&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40.1-6.3.2

Ecosystem specific

{
    "binaries": [
        {
            "graphviz-plugins-core": "2.40.1-6.3.2",
            "graphviz": "2.40.1-6.3.2",
            "graphviz-devel": "2.40.1-6.3.2",
            "libgraphviz6": "2.40.1-6.3.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 / graphviz-addons

Package

Name: graphviz-addons
Purl: pkg:rpm/suse/graphviz-addons&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40.1-6.3.2

Ecosystem specific

{
    "binaries": [
        {
            "graphviz-perl": "2.40.1-6.3.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 / graphviz-addons

Package

Name: graphviz-addons
Purl: pkg:rpm/suse/graphviz-addons&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40.1-6.3.2

Ecosystem specific

{
    "binaries": [
        {
            "graphviz-gnome": "2.40.1-6.3.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 / graphviz-addons

Package

Name: graphviz-addons
Purl: pkg:rpm/suse/graphviz-addons&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40.1-6.3.2

Ecosystem specific

{
    "binaries": [
        {
            "graphviz-tcl": "2.40.1-6.3.2"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 15 / graphviz-addons

Package

Name: graphviz-addons
Purl: pkg:rpm/suse/graphviz-addons&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.40.1-6.3.2

Ecosystem specific

{
    "binaries": [
        {
            "graphviz-gd": "2.40.1-6.3.2",
            "graphviz-python": "2.40.1-6.3.2"
        }
    ]
}