Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2021:2792-1

UNKNOWN

Security update for libass

Published Aug 20, 2021

Modified 4 years ago

Fix available

Details

This update for libass fixes the following issues:

CVE-2020-36430: Fixed heap-based buffer overflow in decode_chars (bsc#1188539).

Affected Packages

SUSE:Enterprise Storage 6libass

Fixed in:

0.14.0-3.9.1

SUSE:Enterprise Storage 6libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Enterprise Storage 6libass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-ESPOSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise High Performance Computing 15-LTSSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP2libass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP2libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP2libass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3libass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Module for Desktop Applications 15 SP3libass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-BCLlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-BCLlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-BCLlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-LTSSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-LTSSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15 SP1-LTSSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15-LTSSlibass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15-LTSSlibass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server 15-LTSSlibass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15libass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15libass9

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1libass

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1libass9

Fixed in:

0.14.0-3.9.1

SUSE:Manager Proxy 4.0libass

Fixed in:

0.14.0-3.9.1

SUSE:Manager Proxy 4.0libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Manager Proxy 4.0libass9

Fixed in:

0.14.0-3.9.1

SUSE:Manager Retail Branch Server 4.0libass

Fixed in:

0.14.0-3.9.1

SUSE:Manager Retail Branch Server 4.0libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Manager Retail Branch Server 4.0libass9

Fixed in:

0.14.0-3.9.1

SUSE:Manager Server 4.0libass

Fixed in:

0.14.0-3.9.1

SUSE:Manager Server 4.0libass-devel

Fixed in:

0.14.0-3.9.1

SUSE:Manager Server 4.0libass9

Fixed in:

0.14.0-3.9.1

References

REPORThttps://bugzilla.suse.com/1188539 WEBhttps://www.suse.com/security/cve/CVE-2020-36430 ADVISORYhttps://www.suse.com/support/update/announcement/2021/suse-su-20212792-1/

Upstream

CVE-2020-36430

Ecosystems

Timeline

PublishedAug 20, 2021

ModifiedAug 20, 2021

SUSE-SU-2021:2792-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2021:2792-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline