SUSE-SU-2017:2201-1 -- SLES libplistID: oval:org.secpod.oval:def:89044681 | Date: (C)2021-07-07 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for libplist fixes the following issues: Security issues fixed: - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. - CVE-2017-6437: The base64encode function in base64.c allows local users to cause denial of service via a crafted plist file. - CVE-2017-6436: Integer overflow in parse_string_node. - CVE-2017-6435: Crafted plist file could lead to Heap-buffer overflow
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |