[Bug 1118348] VUL-1: CVE-2018-19837: libsass: Sass:Eval:operator()(Sass:Binary_Expression*) inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file

http://bugzilla.suse.com/show_bug.cgi?id=1118348 http://bugzilla.suse.com/show_bug.cgi?id=1118348#c5 --- Comment #5 from Swamp Workflow Management --- openSUSE-SU-2019:1791-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1096894,1118301,1118346,1118348,1118349,1118351,1119789,1121943,1121944,1121945,1133200,1133201 CVE References: CVE-2018-11499,CVE-2018-19797,CVE-2018-19827,CVE-2018-19837,CVE-2018-19838,CVE-2018-19839,CVE-2018-20190,CVE-2018-20821,CVE-2018-20822,CVE-2019-6283,CVE-2019-6284,CVE-2019-6286 Sources used: openSUSE Leap 15.1 (src): libsass-3.6.1-lp151.3.3.1 openSUSE Leap 15.0 (src): libsass-3.6.1-lp150.2.3.1 -- You are receiving this mail because: You are on the CC list for the bug.