SUSE-SU-2023:4225-1

HIGH8.1

Security update for zchunk

Published Oct 27, 2023

Modified 2 years ago

Fix available

Details

Description of the patch:

This update for zchunk fixes the following issues:

CVE-2023-46228: Fixed a handle overflow errors in malformed zchunk files. (bsc#1216268)

Affected Packages

libzck1

SUSE Linux Enterprise Desktop 15 SP4SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP4SUSE Linux Enterprise High Performance Computing 15 SP5SUSE Linux Enterprise Installer Updates 15 SP4

Fixed in:

1.1.16-150400.3.7.1

libzck-devel

SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP5SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Module for Basesystem 15 SP4SUSE Linux Enterprise Module for Basesystem 15 SP5

Fixed in:

1.1.16-150400.3.7.1

zchunk

Fixed in:

1.1.16-150400.3.7.1

References

ADVISORY

https://bugzilla.suse.com/1216268

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2023-October/016891.html

ADVISORY

https://www.suse.com/security/cve/CVE-2023-46228/