SUSE-SU-2019:0228-1
- Source
- https://www.suse.com/support/update/announcement/2019/suse-su-20190228-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0228-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2019:0228-1
- Related
- Published
- 2019-02-05T09:07:24Z
- Modified
- 2019-02-05T09:07:24Z
- Summary
- Security update for uriparser
- Details
-
This update for uriparser fixes the following issues:
Security issues fixed:
- CVE-2018-20721: Fixed an out-of-bounds read for incomplete URIs with IPv6 addresses with embedded IPv4 address (bsc#1122193).
- CVE-2018-19198: Fixed an out-of-bounds write that was possible via the uriComposeQuery* or uriComposeQueryEx* function (bsc#1115722).
- CVE-2018-19199: Fixed an integer overflow caused by an unchecked multiplication via the uriComposeQuery* or uriComposeQueryEx* function (bsc#1115723).
- CVE-2018-19200: Fixed a operation attempted on NULL input via a uriResetUri* function (bsc#1115724).
- References
-
- https://www.suse.com/support/update/announcement/2019/suse-su-20190228-1/
- https://bugzilla.suse.com/1115722
- https://bugzilla.suse.com/1115723
- https://bugzilla.suse.com/1115724
- https://bugzilla.suse.com/1122193
- https://www.suse.com/security/cve/CVE-2018-19198
- https://www.suse.com/security/cve/CVE-2018-19199
- https://www.suse.com/security/cve/CVE-2018-19200
- https://www.suse.com/security/cve/CVE-2018-20721