SUSE-SU-2015:0434-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2015/suse-su-20150434-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0434-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:0434-1
Upstream
Related
Published
2015-02-18T18:35:01Z
Modified
2026-01-30T02:21:00.404549Z
Summary
Security update for elfutils
Details

elfutils has been updated to fix one security issue:

* CVE-2014-9447: Directory traversal vulnerability in the
  read_long_names function in libelf/elf_begin.c in elfutils 0.152 and
  0.161 allowed remote attackers to write to arbitrary files to the
  root directory via a / (slash) in a crafted archive, as demonstrated
  using the ar program (bnc#911662).

Security Issues:

* CVE-2014-9447
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447>
References

Affected packages