SUSE-SU-2020:1658-1

HIGH7.5

Security update for gegl

Published Jun 18, 2020

Modified 5 years ago

Fix available

Details

Description of the patch:

This update for gegl fixes the following issues:

CVE-2018-10113: The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure. (bsc#1089731)

Affected Packages

gegl-devel

SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Linux Enterprise Software Development Kit 12 SP5

Fixed in:

0.2.0-15.3.99

libgegl-0_2-0

SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Linux Enterprise Software Development Kit 12 SP5SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5

Fixed in:

0.2.0-15.3.99

gegl-0_2

SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5

Fixed in:

0.2.0-15.3.99

gegl-0_2-lang

SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5

Fixed in:

0.2.0-15.3.99

References

ADVISORY