SUSE-SU-2017:0694-1: moderate: Security update for gegl

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Mar 15 08:08:03 MDT 2017 

   SUSE Security Update: Security update for gegl
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:0694-1
Rating:             moderate
References:         #789835 
Cross-References:   CVE-2012-4433
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:


   This update for gegl fixes the following issues:

   Security issue fixed:
   - Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to
     ppm-load op (bsc#789835).


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP2:

      zypper in -t patch SUSE-SLE-WE-12-SP2-2017-378=1

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-378=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-378=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP2 (noarch):

      gegl-0_2-lang-0.2.0-14.3

   - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):

      gegl-0_2-0.2.0-14.3
      gegl-0_2-debuginfo-0.2.0-14.3
      gegl-debuginfo-0.2.0-14.3
      gegl-debugsource-0.2.0-14.3
      libgegl-0_2-0-0.2.0-14.3
      libgegl-0_2-0-debuginfo-0.2.0-14.3

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

      gegl-debuginfo-0.2.0-14.3
      gegl-debugsource-0.2.0-14.3
      gegl-devel-0.2.0-14.3
      libgegl-0_2-0-0.2.0-14.3
      libgegl-0_2-0-debuginfo-0.2.0-14.3

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      gegl-0_2-0.2.0-14.3
      gegl-0_2-debuginfo-0.2.0-14.3
      gegl-debuginfo-0.2.0-14.3
      gegl-debugsource-0.2.0-14.3
      libgegl-0_2-0-0.2.0-14.3
      libgegl-0_2-0-debuginfo-0.2.0-14.3

   - SUSE Linux Enterprise Desktop 12-SP2 (noarch):

      gegl-0_2-lang-0.2.0-14.3


References:

   https://www.suse.com/security/cve/CVE-2012-4433.html
   https://bugzilla.suse.com/789835

More information about the sle-security-updates mailing list