Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Производитель ПО
Наименование ПО
libzypp
(any)
libzypp-debuginfo
(any)
libzypp-debugsource
(any)
libzypp-devel
(any)
libzypp-devel-doc
(any)
zypper
(any)
zypper-debuginfo
(any)
zypper-debugsource
(any)
zypper-log
(any)
Описание
Уведомление безопасности об уязвимостях SUSE Linux Enterprise Software Development Kit 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE CaaS Platform 3.0, SUSE CaaS Platform ALL, SUSE Linux Enterprise Desktop 12-SP3
Как исправить
Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
SUSE Linux Enterprise Software Development Kit 12-SP3:
aarch64, ppc64le, s390x, x86_64:
libzypp-debugsource - 16.17.20-2.33.2
libzypp-debuginfo - 16.17.20-2.33.2
libzypp-devel-doc - 16.17.20-2.33.2
libzypp-devel - 16.17.20-2.33.2
SUSE Linux Enterprise Server 12-SP3:
aarch64, ppc64le, s390x, x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Server 12-SP3:
noarch:
zypper-log - 1.13.45-21.21.2
SUSE CaaS Platform 3.0:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE CaaS Platform ALL:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Desktop 12-SP3:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Desktop 12-SP3:
noarch:
zypper-log - 1.13.45-21.21.2
SUSE Linux Enterprise Software Development Kit 12-SP3:
aarch64, ppc64le, s390x, x86_64:
libzypp-debugsource - 16.17.20-2.33.2
libzypp-debuginfo - 16.17.20-2.33.2
libzypp-devel-doc - 16.17.20-2.33.2
libzypp-devel - 16.17.20-2.33.2
SUSE Linux Enterprise Server 12-SP3:
aarch64, ppc64le, s390x, x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Server 12-SP3:
noarch:
zypper-log - 1.13.45-21.21.2
SUSE CaaS Platform 3.0:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE CaaS Platform ALL:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Desktop 12-SP3:
x86_64:
libzypp-debugsource - 16.17.20-2.33.2
zypper-debuginfo - 1.13.45-21.21.2
libzypp - 16.17.20-2.33.2
zypper-debugsource - 1.13.45-21.21.2
libzypp-debuginfo - 16.17.20-2.33.2
zypper - 1.13.45-21.21.2
SUSE Linux Enterprise Desktop 12-SP3:
noarch:
zypper-log - 1.13.45-21.21.2
Ссылки
http://lists.suse.com/pipermail/sle-security-updates/2018-September/004582.html
https://bugzilla.suse.com/1036304
https://bugzilla.suse.com/1045735
https://bugzilla.suse.com/1049825
https://bugzilla.suse.com/1070851
https://bugzilla.suse.com/1076192
https://bugzilla.suse.com/1088705
https://bugzilla.suse.com/1091624
https://bugzilla.suse.com/1092413
https://bugzilla.suse.com/1096803
https://bugzilla.suse.com/1099847
https://bugzilla.suse.com/1100028
https://bugzilla.suse.com/1101349
https://bugzilla.suse.com/1102429
Источник: CVE
Наименование: CVE-2018-7685
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7685
Источник: CVE
Наименование: CVE-2017-9269
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9269
https://bugzilla.suse.com/1036304
https://bugzilla.suse.com/1045735
https://bugzilla.suse.com/1049825
https://bugzilla.suse.com/1070851
https://bugzilla.suse.com/1076192
https://bugzilla.suse.com/1088705
https://bugzilla.suse.com/1091624
https://bugzilla.suse.com/1092413
https://bugzilla.suse.com/1096803
https://bugzilla.suse.com/1099847
https://bugzilla.suse.com/1100028
https://bugzilla.suse.com/1101349
https://bugzilla.suse.com/1102429
Источник: CVE
Наименование: CVE-2018-7685
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7685
Источник: CVE
Наименование: CVE-2017-9269
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9269