Overview

File _patchinfo of Package patchinfo.6978

<patchinfo incident="6978">
  <issue id="1044970" tracker="bnc">ODBC driver has --enable-fastvalidate disabled</issue>
  <issue id="1082484" tracker="bnc">VUL-0: CVE-2018-7485: unixODBC: Swapped arguments in SQLWriteFileDSN() in odbcinst/SQLWriteFileDSN.c</issue>
  <issue id="1082060" tracker="bnc">VUL-0: unixODBC: various issues fixed in  unixODBC  2.3.5</issue>
  <issue id="1082290" tracker="bnc">VUL-0: CVE-2018-7409: unixODBC: Buffer overflow in unicode_to_ansi_copy()</issue>
  <issue id="2018-7409" tracker="cve" />
  <issue id="2018-7485" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>mvetter</packager>
  <description>

This update for unixODBC to version 2.3.6 fixes the following issues:

- CVE-2018-7409: Buffer overflow in unicode_to_ansi_copy() was fixed in 2.3.5 (bsc#1082290)
- CVE-2018-7485: Swapped arguments in SQLWriteFileDSN() in odbcinst/SQLWriteFileDSN.c (bsc#1082484)

Other fixes:

- Enabled --enable-fastvalidate option in configure (bsc#1044970)
</description>
  <summary>Security update for unixODBC</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places