SUSE-SU-2017:1603-1 -- SLES netpbm, libnetpbm11ID: oval:org.secpod.oval:def:89044912 | Date: (C)2021-07-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for netpbm fixes the following issues: Security bugs: * CVE-2017-2586: A NULL pointer dereference in stringToUint function could lead to a denial of service problem when processing malformed images. [bsc#1024292] * CVE-2017-2581: A out-of-bounds write in writeRasterPbm could be used by attackers to crash the decoder or potentially execute code. [bsc#1024287] * CVE-2017-2587: A insufficient size check of memory allocation in createCanvas function could be used for a denial of service attack [bsc#1024294]
Platform: |
SUSE Linux Enterprise Server 12 SP2 |
Product: |
netpbm |
libnetpbm11 |