SUSE-SU-2017:0713-1

UNKNOWN

Security update for sane-backends

Published Mar 17, 2017

Modified 8 years ago

Fix available

Details

This update for sane-backends fixes the following issues:

saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory (CVE-2017-6318, bsc#1027197).

Affected Packages

sane-backends

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server 12 SP2SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

Fixed in:

1.0.24-3.1

sane-backends-32bit

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Workstation Extension 12 SP1SUSE Linux Enterprise Workstation Extension 12 SP2

Fixed in:

1.0.24-3.1

sane-backends-autoconfig

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Workstation Extension 12 SP1SUSE Linux Enterprise Workstation Extension 12 SP2

Fixed in:

1.0.24-3.1

sane-backends-devel

SUSE Linux Enterprise Software Development Kit 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP2

Fixed in:

1.0.24-3.1

References

REPORT

https://bugzilla.suse.com/1027197

WEB

https://www.suse.com/security/cve/CVE-2017-6318

ADVISORY