commit patchinfo.3846 for openSUSE:13.2:Update
Hello community, here is the log from the commit of package patchinfo.3846 for openSUSE:13.2:Update checked in at 2015-06-24 14:41:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.3846 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.3846.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.3846" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3846"> <packager>fstrba</packager> <issue tracker="bnc" id="933109">VUL-1: CVE-2015-0848: libwmf: CVE-2015-0848 - Heap overflow on libwmf0.2-7</issue> <issue tracker="cve" id="CVE-2015-0848"></issue> <issue tracker="cve" id="CVE-2015-4588"></issue> <issue tracker="cve" id="2015-0848"></issue> <category>security</category> <rating>moderate</rating> <summary>Security update for libwmf</summary> <description>libwmf was updated to fix two security issues. The following vulnerabilities were fixed: * CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges. (boo#933109) * CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file in a libwmf based application could have executed arbitrary code through incorrect run-length encoding. (boo#933109) </description> </patchinfo>
participants (1)
-
root@hilbert.suse.de