Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2020:3125-1 Important Update for Sane-Backends Security Issues

suse
Calendar Grey November 3, 2020
Dist Suse Esm H88
SUSE Security Patch resolves urgent concerns in sane-backends and outlines solutions for various weaknesses.
An update that fixes 8 vulnerabilities, contains three features is now available

Summary

This update for sane-backends fixes the following issues: - sane-backends version upgrade to 1.0.31: * sane-backends version upgrade to 1.0.30 fixes memory corruption bugs CVE-2020-12861, CVE-2020-12862, CVE-2020-12863, CVE-2020-12864, CVE-2020-12865, CVE-2020-12866, CVE-2020-12867 (bsc#1172524) * sane-backends version upgrade to 1.0.31 to further improve hardware enablement for scanner devices (jsc#SLE-15561 and jsc#SLE-15560 with jsc#ECO-2418) * The new escl backend cannot be provided for SLE12 because it requires more additional software (avahi-client, libcurl, and libpoppler-glib-devel) where in particular for libcurl the one that is in SLE12 (via libcurl-devel-7.37.0) is likely too old because with that building the escl backend fails with "escl/escl.c:1267:34: error:

Topics%20covered

Topics Covered

security advisory update vulnerability important suse linux sane-backends

References

#1172524 ECO-2418 SLE-15560 SLE-15561

Cross- CVE-2017-6318 CVE-2020-12861 CVE-2020-12862

CVE-2020-12863 CVE-2020-12864 CVE-2020-12865

CVE-2020-12866 CVE-2020-12867

Affected Products:

SUSE OpenStack Cloud Crowbar 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Workstation Extension 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server for SAP 12-SP4

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4-LTSS

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Ent...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:3125-1
Rating: important

Topics%20covered

Topics Covered

security advisory update vulnerability important suse linux sane-backends

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here