Overview

File _patchinfo of Package patchinfo.10738

<patchinfo incident="10738">
 <issue tracker="bnc" id="1140254">VUL-0: CVE-2019-7165,CVE-2019-12594: dosbox: Parsing buffer overflow and access control issue</issue>
  <issue tracker="cve" id="2019-7165"/>
  <issue tracker="cve" id="2019-12594"/>
  <packager>lnussel</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for dosbox</summary>
  <description>This update for dosbox fixes the following issues:

Security issues fixed:

- CVE-2019-7165: Fixed that a very long line inside a bat file would overflow the parsing buffer (bnc#1140254).
- CVE-2019-12594: Added a basic permission system so that a program running inside DOSBox can't access the contents of /proc (e.g. /proc/self/mem) when / or /proc were (to be) mounted (bnc#1140254).
- Several other fixes for out of bounds access and buffer overflows.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places