Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE 2023:0921-2 Security Advisory: Gzip Input Overflow Risk Alert

suse
Calendar Grey March 14, 2022
Dist Suse Esm H88
A recent update for flac resolves a moderate severity security flaw within SUSE systems. It's crucial to apply this patch to safeguard your infrastructure.
An update that fixes one vulnerability is now available

Summary

This update for flac fixes the following issues: - CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_ (bsc#1196660). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Realtime Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-815=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-815=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-815=1 Package List: - SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):

Topics%20covered

Topics Covered

security advisory software update moderate severity SUSE flac out of bound write

References

#1196660

Cross- CVE-2021-0561

CVSS scores:

CVE-2021-0561 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-0561 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

SUSE Linux Enterprise Desktop 15-SP3

SUSE Linux Enterprise High Performance Computing 15-SP3

SUSE Linux Enterprise Module for Basesystem 15-SP3

SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3

SUSE Linux Enterprise Realtime Extension 15-SP2

SUSE Linux Enterprise Server 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15-SP3

SUSE Manager Proxy 4.2

SUSE Manager Server 4.2

https://www.suse.com/security/cve/CVE-2021-0561.html

https://bugzilla.suse.com/1196660

Announcement ID: SUSE-SU-2022:0815-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory software update moderate severity SUSE flac out of bound write

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here