SUSE-SU-2023:0171-1 -- SLES libXpmID: oval:org.secpod.oval:def:89048176 | Date: (C)2023-02-02 (M)2023-11-09 |
Class: PATCH | Family: unix |
This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed . - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM image . - CVE-2022-4883: Fixed an issue that made decompression commands susceptible to PATH environment variable manipulation attacks .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |