Explore top 10 tips to secure your open-source projects now. Read More
×Moderate: liblouis security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:6385", "synopsis": "Moderate: liblouis security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for liblouis.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille (Nemeth and Marburg).\n\nSecurity Fix(es):\n\n* liblouis: buffer overflow in lou_logFile function at logginc.c (CVE-2023-26767)\n\n* liblouis: buffer overflow in lou_setDataPath (CVE-2023-26768)\n\n* liblouis: buffer overflow in Lou_Trace (CVE-2023-26769)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2181135", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2181135", "description": ""}, {"ticket": "2181139", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2181139", "description": ""}, {"ticket": "2181143", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2181143", "description": ""}], "cves": [{"name": "CVE-2023-26767", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26767","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-400"}, {"name": "CVE-2023-26768", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26768", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-400"}, {"name": "CVE-2023-26769", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26769", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-400"}], "references": [], "publishedAt": "2026-07-05T06:03:18.269222Z", "rpms": {"Rocky Linux 9": {"nvras": ["liblouis-0:3.16.1-5.el9.aarch64.rpm", "liblouis-0:3.16.1-5.el9.i686.rpm", "liblouis-0:3.16.1-5.el9.ppc64le.rpm", "liblouis-0:3.16.1-5.el9.s390x.rpm", "liblouis-0:3.16.1-5.el9.src.rpm", "liblouis-0:3.16.1-5.el9.x86_64.rpm", "liblouis-debuginfo-0:3.16.1-5.el9.aarch64.rpm", "liblouis-debuginfo-0:3.16.1-5.el9.i686.rpm", "liblouis-debuginfo-0:3.16.1-5.el9.ppc64le.rpm", "liblouis-debuginfo-0:3.16.1-5.el9.s390x.rpm", "liblouis-debuginfo-0:3.16.1-5.el9.x86_64.rpm", "liblouis-debugsource-0:3.16.1-5.el9.aarch64.rpm", "liblouis-debugsource-0:3.16.1-5.el9.i686.rpm", "liblouis-debugsource-0:3.16.1-5.el9.ppc64le.rpm", "liblouis-debugsource-0:3.16.1-5.el9.s390x.rpm", "liblouis-debugsource-0:3.16.1-5.el9.x86_64.rpm", "python3-louis-0:3.16.1-5.el9.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux liblouis security update addresses moderate buffer overflows and enhances system integrity with critical patches.. Rocky Linux liblouis security update buffer overflow CVE-2023-26767. . Severity: moderate. LinuxSecurity.com Team
Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: liblouis: Multiple Vulnerabilities Date: September 22, 2024 Bugs: #905298 ID: 202409-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Background ========== liblouis is an open-source braille translator and back-translator. Affected packages ================= Package Vulnerable Unaffected ----------------- ------------ ------------ dev-libs/liblouis < 3.25.0 > = 3.25.0 Description =========== Multiple vulnerabilities have been discovered in liblouis. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All liblouis users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-libs/liblouis-3.25.0" References ========== [ 1 ] CVE-2023-26767 https://nvd.nist.gov/vuln/detail/CVE-2023-26767 [ 2 ] CVE-2023-26768 https://nvd.nist.gov/vuln/detail/CVE-2023-26768 [ 3 ] CVE-2023-26769 https://nvd.nist.gov/vuln/detail/CVE-2023-26769 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202409-18 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentialityand security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Several security issues were fixed in liblouis.. =========================================================================Ubuntu Security Notice USN-5996-2 May 23, 2023 liblouis vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 Summary: Several security issues were fixed in liblouis. Software Description: - liblouis: Braille translation library - utilities Details: USN-5996-1 fixed vulnerabilities in Liblouis. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26767, CVE-2023-26768, CVE-2023-26769) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: liblouis-bin 3.24.0-1ubuntu0.1 liblouis20 3.24.0-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5996-2 https://ubuntu.com/security/notices/USN-5996-1 CVE-2023-26767, CVE-2023-26768, CVE-2023-26769 Package Information: https://launchpad.net/ubuntu/+source/liblouis/3.24.0-1ubuntu0.1 . The Ubuntu Security Notice USN-5997-1 has been released to tackle vulnerabilities identified in Liblouis, providing detailed guidance for systems that may be impacted.. Ubuntu Liblouis Fix, Denial of Service, Linux Security Advisory. . LinuxSecurity.com Team
Several security issues were fixed in liblouis.. =========================================================================Ubuntu Security Notice USN-5996-1 April 04, 2023 liblouis vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM Summary: Several security issues were fixed in liblouis. Software Description: - liblouis: Braille translation library - utilities Details: It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26767, CVE-2023-26768, CVE-2023-26769) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: liblouis-bin 3.22.0-2ubuntu0.1 liblouis20 3.22.0-2ubuntu0.1 Ubuntu 22.04 LTS: liblouis-bin 3.20.0-2ubuntu0.2 liblouis20 3.20.0-2ubuntu0.2 Ubuntu 20.04 LTS: liblouis-bin 3.12.0-3ubuntu0.2 liblouis20 3.12.0-3ubuntu0.2 Ubuntu 18.04 LTS: liblouis-bin 3.5.0-1ubuntu0.5 python-louis 3.5.0-1ubuntu0.5 Ubuntu 16.04 ESM: liblouis-bin 2.6.4-2ubuntu0.4+esm1 liblouis9 2.6.4-2ubuntu0.4+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5996-1 CVE-2023-26767, CVE-2023-26768, CVE-2023-26769 Package Information: https://launchpad.net/ubuntu/+source/liblouis/3.22.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/liblouis/3.20.0-2ubuntu0.2 https://launchpad.net/ubuntu/+source/liblouis/3.12.0-3ubuntu0.2 https://launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.5 . Liblouis flaws resolved in Ubuntu Security Notice USN-5997-1, tacklingvulnerabilities across various editions.. liblouis issues, Ubuntu 22.10, Denial of Service attack. . Severity: Important. LinuxSecurity.com Team
Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: liblouis: Multiple Vulnerabilities Date: January 11, 2023 Bugs: #835093 ID: 202301-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Background ========= liblouis is an open-source braille translator and back-translator. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/liblouis < 3.22.0 > = 3.22.0 Description ========== Multiple vulnerabilities have been discovered in liblouis. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All liblouis users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-libs/liblouis-3.22.0" References ========= [ 1 ] CVE-2022-26981 https://nvd.nist.gov/vuln/detail/CVE-2022-26981 [ 2 ] CVE-2022-31783 https://nvd.nist.gov/vuln/detail/CVE-2022-31783 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202301-06 Concerns? ======== Security is a primaryfocus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for liblouis ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2298-1 Rating: important References: #1197085 #1200120 Cross-References: CVE-2022-26981 CVE-2022-31783 CVSS scores: CVE-2022-26981 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-26981 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2022-31783 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-31783 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H Affected Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode (bsc#1197085). - CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2298=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-2298=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390xx86_64): liblouis-debuginfo-3.20.0-150400.3.3.1 liblouis-debugsource-3.20.0-150400.3.3.1 liblouis-devel-3.20.0-150400.3.3.1 liblouis-doc-3.20.0-150400.3.3.1 liblouis-tools-3.20.0-150400.3.3.1 liblouis-tools-debuginfo-3.20.0-150400.3.3.1 liblouis20-3.20.0-150400.3.3.1 liblouis20-debuginfo-3.20.0-150400.3.3.1 python3-louis-3.20.0-150400.3.3.1 - openSUSE Leap 15.4 (noarch): liblouis-data-3.20.0-150400.3.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64): liblouis-debuginfo-3.20.0-150400.3.3.1 liblouis-debugsource-3.20.0-150400.3.3.1 liblouis-devel-3.20.0-150400.3.3.1 liblouis20-3.20.0-150400.3.3.1 liblouis20-debuginfo-3.20.0-150400.3.3.1 python3-louis-3.20.0-150400.3.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (noarch): liblouis-data-3.20.0-150400.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-26981.html https://www.suse.com/security/cve/CVE-2022-31783.html https://bugzilla.suse.com/1197085 https://bugzilla.suse.com/1200120 . SUSE unveils a significant patch for liblouis tackling urgent buffer and memory vulnerabilities found in the releases 15-SP4 and Leap 15.4.. liblouis update, SUSE patches, memory fix, buffer overrun, security updates. . Severity: Important. LinuxSecurity.com Team
An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for liblouis ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2252-1 Rating: important References: #1130813 #1197085 #1200120 Cross-References: CVE-2022-26981 CVE-2022-31783 CVSS scores: CVE-2022-26981 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-26981 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2022-31783 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-31783 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode (bsc#1197085). - CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120). Patch Instructions: To install this SUSE Security Update use theSUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2252=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2252=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2252=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2252=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2252=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2252=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2252=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-2252=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE CaaS Platform 4.0 (x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 References: https://www.suse.com/security/cve/CVE-2022-26981.html https://www.suse.com/security/cve/CVE-2022-31783.html https://bugzilla.suse.com/1130813 https://bugzilla.suse.com/1197085 https://bugzilla.suse.com/1200120 . Important security patch for liblouis addressing two severe vulnerabilities. Apply suggested updates for Ubuntu versions.. SUSE Liblouis Patch, Buffer Overrun Resolution, Memory Write Update. . Severity: Important. LinuxSecurity.com Team
An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for liblouis ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2184-1 Rating: important References: #1197085 #1200120 Cross-References: CVE-2022-26981 CVE-2022-31783 CVSS scores: CVE-2022-26981 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-26981 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2022-31783 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-31783 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for liblouis fixes the following issues: - CVE-2022-26981: fixbuffer overrun in compilePassOpcode (bsc#1197085). - CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2184=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2184=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2184=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2184=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2184=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2184=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2184=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2184=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-2184=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2184=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2184=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-2184=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis-doc-3.11.0-150200.3.3.1 liblouis-tools-3.11.0-150200.3.3.1 liblouis-tools-debuginfo-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - openSUSE Leap 15.3 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Manager Server 4.1 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Manager Retail Branch Server 4.1 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Manager Proxy 4.1 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Manager Proxy 4.1 (x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Linux EnterpriseServer 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): liblouis-data-3.11.0-150200.3.3.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): liblouis-debuginfo-3.11.0-150200.3.3.1 liblouis-debugsource-3.11.0-150200.3.3.1 liblouis-devel-3.11.0-150200.3.3.1 liblouis19-3.11.0-150200.3.3.1 liblouis19-debuginfo-3.11.0-150200.3.3.1 python3-louis-3.11.0-150200.3.3.1 - SUSE Enterprise Storage 7 (noarch): liblouis-data-3.11.0-150200.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-26981.html https://www.suse.com/security/cve/CVE-2022-31783.html https://bugzilla.suse.com/1197085 https://bugzilla.suse.com/1200120 . The latest update for liblouis resolves serious security vulnerabilities within SUSE Linux systems. Important buffer overflow and memory overwrite issues have been addressed.. liblouis update, SUSE security, software patch, critical update. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.