Overview

File _patchinfo of Package patchinfo.6313

<patchinfo incident="6313">
  <packager>AndreasStieger</packager>
  <issue tracker="cve" id="2017-5209"></issue>
  <issue tracker="cve" id="2017-5545"></issue>
  <issue tracker="bnc" id="1019531">VUL-1: CVE-2017-5209: libplist: base64decode buffer over-read via split encoded Apple Property List data</issue>
  <issue tracker="bnc" id="1021610">VUL-1: CVE-2017-5545: libplist: invalid read on too short input files</issue>
  <category>security</category>
  <rating>low</rating>
  <summary>Security update for libplist</summary>
  <description>This update for libplist addresses the following vulnerabilities:

- CVE-2017-5545: OOB heap buffer read which could allow attackers to obtain sensitive information from process memory or cause a DoS (bsc#1021610)
- CVE-2017-5209: base64decode function could have allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places