Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE: 2019:0770-1 Moderate: libcaca Memory Access Problems

suse
Calendar Grey March 27, 2019
Dist Suse Esm H88
The newest update tackles crucial security vulnerabilities in libcaca that notably affect SUSE Linux components. Users should apply the suggested patches to reduce these risks
An update that fixes 6 vulnerabilities is now available

Summary

This update for libcaca fixes the following issues: Security issues fixed: - CVE-2018-20544: Fixed a floating point exception at caca/dither.c (bsc#1120502) - CVE-2018-20545: Fixed a WRITE memory access in the load_image function at common-image.c for 4bpp (bsc#1120584) - CVE-2018-20546: Fixed a READ memory access in the get_rgba_default function at caca/dither.c for bpp (bsc#1120503) - CVE-2018-20547: Fixed a READ memory access in the get_rgba_default function at caca/dither.c for 24bpp (bsc#1120504) - CVE-2018-20548: Fixed a WRITE memory access in the load_image function at common-image.c for 1bpp (bsc#1120589) - CVE-2018-20549: Fixed a WRITE memory access in the caca_file_read function at caca/file.c (bsc#1120470) Patch Instructions:

References

#1120470 #1120502 #1120503 #1120504 #1120584

#1120589

Cross- CVE-2018-20544 CVE-2018-20545 CVE-2018-20546

CVE-2018-20547 CVE-2018-20548 CVE-2018-20549

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

https://www.suse.com/security/cve/CVE-2018-20544.html

https://www.suse.com/security/cve/CVE-2018-20545.html

https://www.suse.com/security/cve/CVE-2018-20546.html

https://www.suse.com/security/cve/CVE-2018-20547.html

https://www.suse.com/security/cve/CVE-2018-20548.html

https://www.suse.com/security/cve/CVE-2018-20549.html

https://bugzilla.suse.com/1120470

https://bugzilla.suse.com/1120502

https://bugzilla.suse.com/1120503

Announcement ID: SUSE-SU-2019:0770-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.