[SUSE-SU-2018:0119-1] Recommended update for libical
Severity
Moderate
Affected Packages
8
CVEs
6
Recommended update for libical
This update for libical fixes the following issues:
Security issues fixed:
- CVE-2016-5823: The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bnc#986632)
- CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. (bsc#986639)
- CVE-2016-5825: The icalparser_parse_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted ics file. (bsc#986642)
- CVE-2016-5826: The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function. (bsc#986658)
- CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function. (bsc#986631)
- CVE-2016-9584: libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. (bnc#1015964)
Bug fixes:
- libical crashes while parsing timezones (bsc#1044995)
Package | Affected Version |
---|---|
pkg:rpm/suse/libical0?arch=x86_64&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0?arch=s390x&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0?arch=ppc64&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0?arch=ia64&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0?arch=i586&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0-32bit?arch=x86_64&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0-32bit?arch=s390x&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
pkg:rpm/suse/libical0-32bit?arch=ppc64&distro=sles-11&sp=4 | < 0.43-1.10.6.1 |
- ID
- SUSE-SU-2018:0119-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2018/suse-su-20180119-1/
- Published
-
2018-01-17T10:52:10
(6 years ago) - Modified
-
2018-01-17T10:52:10
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/libical0?arch=x86_64&distro=sles-11&sp=4 | suse | libical0 | < 0.43-1.10.6.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/libical0?arch=s390x&distro=sles-11&sp=4 | suse | libical0 | < 0.43-1.10.6.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/libical0?arch=ppc64&distro=sles-11&sp=4 | suse | libical0 | < 0.43-1.10.6.1 | sles-11 | ppc64 | |
Affected | pkg:rpm/suse/libical0?arch=ia64&distro=sles-11&sp=4 | suse | libical0 | < 0.43-1.10.6.1 | sles-11 | ia64 | |
Affected | pkg:rpm/suse/libical0?arch=i586&distro=sles-11&sp=4 | suse | libical0 | < 0.43-1.10.6.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/libical0-32bit?arch=x86_64&distro=sles-11&sp=4 | suse | libical0-32bit | < 0.43-1.10.6.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/libical0-32bit?arch=s390x&distro=sles-11&sp=4 | suse | libical0-32bit | < 0.43-1.10.6.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/libical0-32bit?arch=ppc64&distro=sles-11&sp=4 | suse | libical0-32bit | < 0.43-1.10.6.1 | sles-11 | ppc64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |