SUSE-SU-2023:0165-1 -- SLES libXpmID: oval:org.secpod.oval:def:89048166 | Date: (C)2023-02-02 (M)2023-11-09 |
Class: PATCH | Family: unix |
This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed . - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM image . - CVE-2022-4883: Fixed an issue that made decompression commands susceptible to PATH environment variable manipulation attacks .
Platform: |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |