Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-9862 (GCVE-0-2014-9862)
Vulnerability from cvelistv5
Published
2016-07-22 01:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91824",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "FreeBSD-SA-16:25",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"name": "APPLE-SA-2016-07-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "1036438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206903"
},
{
"name": "openSUSE-SU-2016:1977",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"name": "[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"name": "GLSA-202003-44",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"name": "[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"name": "20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"name": "USN-4500-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4500-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-17T13:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91824",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "FreeBSD-SA-16:25",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"name": "APPLE-SA-2016-07-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "1036438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206903"
},
{
"name": "openSUSE-SU-2016:1977",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"name": "[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"name": "GLSA-202003-44",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"name": "[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"name": "20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"name": "USN-4500-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4500-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "FreeBSD-SA-16:25",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"name": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"name": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659",
"refsource": "CONFIRM",
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "1036438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036438"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
},
{
"name": "openSUSE-SU-2016:1977",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"name": "[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"name": "GLSA-202003-44",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"name": "[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"name": "20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"name": "USN-4500-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4500-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9862",
"datePublished": "2016-07-22T01:00:00",
"dateReserved": "2016-06-09T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-9862\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-07-22T02:59:00.127\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.\"},{\"lang\":\"es\",\"value\":\"Error de entero sin signo en bspatch.c en bspatch en bsdiff, como se utiliza en Apple OS X en versiones anteriores a 10.11.6 y otros productos, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (desbordamiento de buffer basado en memoria din\u00e1mica) a trav\u00e9s de un archivo de revisi\u00f3n manipulado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.11.5\",\"matchCriteriaId\":\"73712D16-E03B-4230-B253-4E96EEE61EA7\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/fulldisclosure/2020/Jul/8\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/07/09/2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/91824\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1036438\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugs.chromium.org/p/chromium/issues/detail?id=372525\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202003-44\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/HT206903\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4500-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2020/Jul/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/07/09/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/91824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugs.chromium.org/p/chromium/issues/detail?id=372525\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202003-44\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT206903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4500-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
ghsa-gv4w-9q78-3649
Vulnerability from github
Published
2022-05-13 01:16
Modified
2025-04-12 13:02
Severity ?
VLAI Severity ?
Details
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
{
"affected": [],
"aliases": [
"CVE-2014-9862"
],
"database_specific": {
"cwe_ids": [
"CWE-190"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-07-22T02:59:00Z",
"severity": "HIGH"
},
"details": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"id": "GHSA-gv4w-9q78-3649",
"modified": "2025-04-12T13:02:43Z",
"published": "2022-05-13T01:16:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9862"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"type": "WEB",
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"type": "WEB",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206903"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4500-1"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1036438"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
opensuse-su-2024:12242-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libostree-1-1-2022.5-1.1 on GA media
Notes
Title of the patch
libostree-1-1-2022.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the libostree-1-1-2022.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12242
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libostree-1-1-2022.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libostree-1-1-2022.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12242",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12242-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "libostree-1-1-2022.5-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12242-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libostree-2022.5-1.1.aarch64",
"product": {
"name": "libostree-2022.5-1.1.aarch64",
"product_id": "libostree-2022.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2022.5-1.1.aarch64",
"product": {
"name": "libostree-1-1-2022.5-1.1.aarch64",
"product_id": "libostree-1-1-2022.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2022.5-1.1.aarch64",
"product": {
"name": "libostree-devel-2022.5-1.1.aarch64",
"product_id": "libostree-devel-2022.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2022.5-1.1.aarch64",
"product": {
"name": "libostree-grub2-2022.5-1.1.aarch64",
"product_id": "libostree-grub2-2022.5-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"product_id": "typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2022.5-1.1.ppc64le",
"product": {
"name": "libostree-2022.5-1.1.ppc64le",
"product_id": "libostree-2022.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2022.5-1.1.ppc64le",
"product": {
"name": "libostree-1-1-2022.5-1.1.ppc64le",
"product_id": "libostree-1-1-2022.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-devel-2022.5-1.1.ppc64le",
"product": {
"name": "libostree-devel-2022.5-1.1.ppc64le",
"product_id": "libostree-devel-2022.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2022.5-1.1.ppc64le",
"product": {
"name": "libostree-grub2-2022.5-1.1.ppc64le",
"product_id": "libostree-grub2-2022.5-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"product": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"product_id": "typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2022.5-1.1.s390x",
"product": {
"name": "libostree-2022.5-1.1.s390x",
"product_id": "libostree-2022.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2022.5-1.1.s390x",
"product": {
"name": "libostree-1-1-2022.5-1.1.s390x",
"product_id": "libostree-1-1-2022.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-devel-2022.5-1.1.s390x",
"product": {
"name": "libostree-devel-2022.5-1.1.s390x",
"product_id": "libostree-devel-2022.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2022.5-1.1.s390x",
"product": {
"name": "libostree-grub2-2022.5-1.1.s390x",
"product_id": "libostree-grub2-2022.5-1.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"product": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"product_id": "typelib-1_0-OSTree-1_0-2022.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2022.5-1.1.x86_64",
"product": {
"name": "libostree-2022.5-1.1.x86_64",
"product_id": "libostree-2022.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2022.5-1.1.x86_64",
"product": {
"name": "libostree-1-1-2022.5-1.1.x86_64",
"product_id": "libostree-1-1-2022.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2022.5-1.1.x86_64",
"product": {
"name": "libostree-devel-2022.5-1.1.x86_64",
"product_id": "libostree-devel-2022.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2022.5-1.1.x86_64",
"product": {
"name": "libostree-grub2-2022.5-1.1.x86_64",
"product_id": "libostree-grub2-2022.5-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64",
"product_id": "typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2022.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-2022.5-1.1.aarch64"
},
"product_reference": "libostree-2022.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2022.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-2022.5-1.1.ppc64le"
},
"product_reference": "libostree-2022.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2022.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-2022.5-1.1.s390x"
},
"product_reference": "libostree-2022.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2022.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-2022.5-1.1.x86_64"
},
"product_reference": "libostree-2022.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2022.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.aarch64"
},
"product_reference": "libostree-1-1-2022.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2022.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.ppc64le"
},
"product_reference": "libostree-1-1-2022.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2022.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.s390x"
},
"product_reference": "libostree-1-1-2022.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2022.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.x86_64"
},
"product_reference": "libostree-1-1-2022.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2022.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-devel-2022.5-1.1.aarch64"
},
"product_reference": "libostree-devel-2022.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2022.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-devel-2022.5-1.1.ppc64le"
},
"product_reference": "libostree-devel-2022.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2022.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-devel-2022.5-1.1.s390x"
},
"product_reference": "libostree-devel-2022.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2022.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-devel-2022.5-1.1.x86_64"
},
"product_reference": "libostree-devel-2022.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2022.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.aarch64"
},
"product_reference": "libostree-grub2-2022.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2022.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.ppc64le"
},
"product_reference": "libostree-grub2-2022.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2022.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.s390x"
},
"product_reference": "libostree-grub2-2022.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2022.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.x86_64"
},
"product_reference": "libostree-grub2-2022.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-1-1-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-devel-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.s390x",
"openSUSE Tumbleweed:libostree-grub2-2022.5-1.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-OSTree-1_0-2022.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9862"
}
]
}
opensuse-su-2024:10045-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
bsdiff-4.3-5.3 on GA media
Notes
Title of the patch
bsdiff-4.3-5.3 on GA media
Description of the patch
These are all security issues fixed in the bsdiff-4.3-5.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10045
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "bsdiff-4.3-5.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the bsdiff-4.3-5.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10045",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10045-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "bsdiff-4.3-5.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10045-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bsdiff-4.3-5.3.aarch64",
"product": {
"name": "bsdiff-4.3-5.3.aarch64",
"product_id": "bsdiff-4.3-5.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdiff-4.3-5.3.ppc64le",
"product": {
"name": "bsdiff-4.3-5.3.ppc64le",
"product_id": "bsdiff-4.3-5.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdiff-4.3-5.3.s390x",
"product": {
"name": "bsdiff-4.3-5.3.s390x",
"product_id": "bsdiff-4.3-5.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bsdiff-4.3-5.3.x86_64",
"product": {
"name": "bsdiff-4.3-5.3.x86_64",
"product_id": "bsdiff-4.3-5.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdiff-4.3-5.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bsdiff-4.3-5.3.aarch64"
},
"product_reference": "bsdiff-4.3-5.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdiff-4.3-5.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bsdiff-4.3-5.3.ppc64le"
},
"product_reference": "bsdiff-4.3-5.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdiff-4.3-5.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bsdiff-4.3-5.3.s390x"
},
"product_reference": "bsdiff-4.3-5.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bsdiff-4.3-5.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bsdiff-4.3-5.3.x86_64"
},
"product_reference": "bsdiff-4.3-5.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bsdiff-4.3-5.3.aarch64",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.ppc64le",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.s390x",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bsdiff-4.3-5.3.aarch64",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.ppc64le",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.s390x",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bsdiff-4.3-5.3.aarch64",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.ppc64le",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.s390x",
"openSUSE Tumbleweed:bsdiff-4.3-5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9862"
}
]
}
cnvd-2016-05832
Vulnerability from cnvd
Title
Apple OS X bsdiff整数符号错误漏洞
Description
Apple OS X是为Mac计算机所开发的一套专用操作系统。
Apple OS X使用的bsdiff中的bspatch中的bspatch.c文件中存在整数符号错误漏洞,远程攻击者可利用该漏洞通过构建特殊的补丁文件,使应用程序崩溃或执行任意代码。
Severity
高
VLAI Severity ?
Patch Name
Apple OS X bsdiff整数符号错误漏洞的补丁
Patch Description
Apple OS X是为Mac计算机所开发的一套专用操作系统。
Apple OS X使用的bsdiff中的bspatch中的bspatch.c文件中存在整数符号错误漏洞,远程攻击者可利用该漏洞通过构建特殊的补丁文件,使应用程序崩溃或执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://support.apple.com/HT206903
Reference
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862
Impacted products
| Name | Apple OS X <10.11.6 |
|---|
{
"bids": {
"bid": {
"bidNumber": "91824"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2014-9862"
}
},
"description": "Apple OS X\u662f\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e00\u5957\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple OS X\u4f7f\u7528\u7684bsdiff\u4e2d\u7684bspatch\u4e2d\u7684bspatch.c\u6587\u4ef6\u4e2d\u5b58\u5728\u6574\u6570\u7b26\u53f7\u9519\u8bef\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6784\u5efa\u7279\u6b8a\u7684\u8865\u4e01\u6587\u4ef6\uff0c\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "Apple",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://support.apple.com/HT206903",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-05832",
"openTime": "2016-08-02",
"patchDescription": "Apple OS X\u662f\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e00\u5957\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nApple OS X\u4f7f\u7528\u7684bsdiff\u4e2d\u7684bspatch\u4e2d\u7684bspatch.c\u6587\u4ef6\u4e2d\u5b58\u5728\u6574\u6570\u7b26\u53f7\u9519\u8bef\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6784\u5efa\u7279\u6b8a\u7684\u8865\u4e01\u6587\u4ef6\uff0c\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apple OS X bsdiff\u6574\u6570\u7b26\u53f7\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Apple OS X \u003c10.11.6"
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862",
"serverity": "\u9ad8",
"submitTime": "2016-07-31",
"title": "Apple OS X bsdiff\u6574\u6570\u7b26\u53f7\u9519\u8bef\u6f0f\u6d1e"
}
gsd-2014-9862
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-9862",
"description": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"id": "GSD-2014-9862",
"references": [
"https://www.suse.com/security/cve/CVE-2014-9862.html",
"https://ubuntu.com/security/CVE-2014-9862",
"https://advisories.mageia.org/CVE-2014-9862.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-9862"
],
"details": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"id": "GSD-2014-9862",
"modified": "2023-12-13T01:22:48.259779Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "FreeBSD-SA-16:25",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"name": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"name": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659",
"refsource": "CONFIRM",
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "1036438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036438"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
},
{
"name": "openSUSE-SU-2016:1977",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"name": "[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"name": "GLSA-202003-44",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"name": "[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"name": "20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"name": "USN-4500-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4500-1/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.11.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9862"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"name": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206903"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"name": "FreeBSD-SA-16:25",
"refsource": "FREEBSD",
"tags": [],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"name": "91824",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "openSUSE-SU-2016:1977",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"name": "1036438",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1036438"
},
{
"name": "[debian-lts-announce] 20191126 [SECURITY] [DLA 2010-1] bsdiff security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"name": "GLSA-202003-44",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"name": "[oss-security] 20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"name": "20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch",
"refsource": "FULLDISC",
"tags": [],
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"name": "USN-4500-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4500-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-09-17T14:15Z",
"publishedDate": "2016-07-22T02:59Z"
}
}
}
suse-su-2022:3455-1
Vulnerability from csaf_suse
Published
2022-09-28 14:57
Modified
2022-09-28 14:57
Summary
Security update for libostree
Notes
Title of the patch
Security update for libostree
Description of the patch
This update for libostree fixes the following issues:
- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).
Patchnames
SUSE-2022-3455,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3455,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3455,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3455,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3455,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3455,SUSE-Storage-6-2022-3455
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libostree",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libostree fixes the following issues:\n\n- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3455,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3455,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3455,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3455,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3455,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3455,SUSE-Storage-6-2022-3455",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3455-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3455-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223455-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3455-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012442.html"
},
{
"category": "self",
"summary": "SUSE Bug 1201770",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "Security update for libostree",
"tracking": {
"current_release_date": "2022-09-28T14:57:25Z",
"generator": {
"date": "2022-09-28T14:57:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3455-1",
"initial_release_date": "2022-09-28T14:57:25Z",
"revision_history": [
{
"date": "2022-09-28T14:57:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.9-150100.7.4.1.aarch64",
"product": {
"name": "libostree-2018.9-150100.7.4.1.aarch64",
"product_id": "libostree-2018.9-150100.7.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"product": {
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"product_id": "libostree-1-1-2018.9-150100.7.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"product": {
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"product_id": "libostree-devel-2018.9-150100.7.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.9-150100.7.4.1.aarch64",
"product": {
"name": "libostree-grub2-2018.9-150100.7.4.1.aarch64",
"product_id": "libostree-grub2-2018.9-150100.7.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"product_id": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.9-150100.7.4.1.i586",
"product": {
"name": "libostree-2018.9-150100.7.4.1.i586",
"product_id": "libostree-2018.9-150100.7.4.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.9-150100.7.4.1.i586",
"product": {
"name": "libostree-1-1-2018.9-150100.7.4.1.i586",
"product_id": "libostree-1-1-2018.9-150100.7.4.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.9-150100.7.4.1.i586",
"product": {
"name": "libostree-devel-2018.9-150100.7.4.1.i586",
"product_id": "libostree-devel-2018.9-150100.7.4.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.9-150100.7.4.1.i586",
"product": {
"name": "libostree-grub2-2018.9-150100.7.4.1.i586",
"product_id": "libostree-grub2-2018.9-150100.7.4.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.i586",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.i586",
"product_id": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.9-150100.7.4.1.ppc64le",
"product": {
"name": "libostree-2018.9-150100.7.4.1.ppc64le",
"product_id": "libostree-2018.9-150100.7.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"product": {
"name": "libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"product_id": "libostree-1-1-2018.9-150100.7.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.9-150100.7.4.1.ppc64le",
"product": {
"name": "libostree-devel-2018.9-150100.7.4.1.ppc64le",
"product_id": "libostree-devel-2018.9-150100.7.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.9-150100.7.4.1.ppc64le",
"product": {
"name": "libostree-grub2-2018.9-150100.7.4.1.ppc64le",
"product_id": "libostree-grub2-2018.9-150100.7.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"product_id": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.9-150100.7.4.1.s390x",
"product": {
"name": "libostree-2018.9-150100.7.4.1.s390x",
"product_id": "libostree-2018.9-150100.7.4.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.9-150100.7.4.1.s390x",
"product": {
"name": "libostree-1-1-2018.9-150100.7.4.1.s390x",
"product_id": "libostree-1-1-2018.9-150100.7.4.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.9-150100.7.4.1.s390x",
"product": {
"name": "libostree-devel-2018.9-150100.7.4.1.s390x",
"product_id": "libostree-devel-2018.9-150100.7.4.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"product_id": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.9-150100.7.4.1.x86_64",
"product": {
"name": "libostree-2018.9-150100.7.4.1.x86_64",
"product_id": "libostree-2018.9-150100.7.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"product": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"product_id": "libostree-1-1-2018.9-150100.7.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"product": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"product_id": "libostree-devel-2018.9-150100.7.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.9-150100.7.4.1.x86_64",
"product": {
"name": "libostree-grub2-2018.9-150100.7.4.1.x86_64",
"product_id": "libostree-grub2-2018.9-150100.7.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"product_id": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.s390x"
},
"product_reference": "libostree-2018.9-150100.7.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.s390x"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.s390x"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.9-150100.7.4.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.9-150100.7.4.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-1-1-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.9-150100.7.4.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "libostree-devel-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Enterprise Storage 6:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-1-1-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libostree-devel-2018.9-150100.7.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:typelib-1_0-OSTree-1_0-2018.9-150100.7.4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-28T14:57:25Z",
"details": "moderate"
}
],
"title": "CVE-2014-9862"
}
]
}
suse-su-2022:3094-1
Vulnerability from csaf_suse
Published
2022-09-06 05:53
Modified
2022-09-06 05:53
Summary
Security update for libostree
Notes
Title of the patch
Security update for libostree
Description of the patch
This update for libostree fixes the following issues:
- CVE-2014-9862: Fixed a memory corruption issue that could be
triggered when diffing binary files (bsc#1201770).
Patchnames
SUSE-2022-3094,SUSE-SLE-Module-Basesystem-15-SP4-2022-3094,SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-3094,openSUSE-SLE-15.4-2022-3094
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libostree",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libostree fixes the following issues:\n\n- CVE-2014-9862: Fixed a memory corruption issue that could be\n triggered when diffing binary files (bsc#1201770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3094,SUSE-SLE-Module-Basesystem-15-SP4-2022-3094,SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-3094,openSUSE-SLE-15.4-2022-3094",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3094-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3094-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223094-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3094-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012105.html"
},
{
"category": "self",
"summary": "SUSE Bug 1201770",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "Security update for libostree",
"tracking": {
"current_release_date": "2022-09-06T05:53:09Z",
"generator": {
"date": "2022-09-06T05:53:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3094-1",
"initial_release_date": "2022-09-06T05:53:09Z",
"revision_history": [
{
"date": "2022-09-06T05:53:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libostree-2021.6-150400.3.3.1.aarch64",
"product": {
"name": "libostree-2021.6-150400.3.3.1.aarch64",
"product_id": "libostree-2021.6-150400.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2021.6-150400.3.3.1.aarch64",
"product": {
"name": "libostree-1-1-2021.6-150400.3.3.1.aarch64",
"product_id": "libostree-1-1-2021.6-150400.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2021.6-150400.3.3.1.aarch64",
"product": {
"name": "libostree-devel-2021.6-150400.3.3.1.aarch64",
"product_id": "libostree-devel-2021.6-150400.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2021.6-150400.3.3.1.aarch64",
"product": {
"name": "libostree-grub2-2021.6-150400.3.3.1.aarch64",
"product_id": "libostree-grub2-2021.6-150400.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"product_id": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2021.6-150400.3.3.1.i586",
"product": {
"name": "libostree-2021.6-150400.3.3.1.i586",
"product_id": "libostree-2021.6-150400.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2021.6-150400.3.3.1.i586",
"product": {
"name": "libostree-1-1-2021.6-150400.3.3.1.i586",
"product_id": "libostree-1-1-2021.6-150400.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-devel-2021.6-150400.3.3.1.i586",
"product": {
"name": "libostree-devel-2021.6-150400.3.3.1.i586",
"product_id": "libostree-devel-2021.6-150400.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2021.6-150400.3.3.1.i586",
"product": {
"name": "libostree-grub2-2021.6-150400.3.3.1.i586",
"product_id": "libostree-grub2-2021.6-150400.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.i586",
"product": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.i586",
"product_id": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2021.6-150400.3.3.1.ppc64le",
"product": {
"name": "libostree-2021.6-150400.3.3.1.ppc64le",
"product_id": "libostree-2021.6-150400.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"product": {
"name": "libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"product_id": "libostree-1-1-2021.6-150400.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-devel-2021.6-150400.3.3.1.ppc64le",
"product": {
"name": "libostree-devel-2021.6-150400.3.3.1.ppc64le",
"product_id": "libostree-devel-2021.6-150400.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"product": {
"name": "libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"product_id": "libostree-grub2-2021.6-150400.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"product": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"product_id": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2021.6-150400.3.3.1.s390x",
"product": {
"name": "libostree-2021.6-150400.3.3.1.s390x",
"product_id": "libostree-2021.6-150400.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2021.6-150400.3.3.1.s390x",
"product": {
"name": "libostree-1-1-2021.6-150400.3.3.1.s390x",
"product_id": "libostree-1-1-2021.6-150400.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-devel-2021.6-150400.3.3.1.s390x",
"product": {
"name": "libostree-devel-2021.6-150400.3.3.1.s390x",
"product_id": "libostree-devel-2021.6-150400.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"product": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"product_id": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2021.6-150400.3.3.1.x86_64",
"product": {
"name": "libostree-2021.6-150400.3.3.1.x86_64",
"product_id": "libostree-2021.6-150400.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2021.6-150400.3.3.1.x86_64",
"product": {
"name": "libostree-1-1-2021.6-150400.3.3.1.x86_64",
"product_id": "libostree-1-1-2021.6-150400.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2021.6-150400.3.3.1.x86_64",
"product": {
"name": "libostree-devel-2021.6-150400.3.3.1.x86_64",
"product_id": "libostree-devel-2021.6-150400.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2021.6-150400.3.3.1.x86_64",
"product": {
"name": "libostree-grub2-2021.6-150400.3.3.1.x86_64",
"product_id": "libostree-grub2-2021.6-150400.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"product_id": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2021.6-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2021.6-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-1-1-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.s390x"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2021.6-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-devel-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2021.6-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "libostree-grub2-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2021.6-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2021.6-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "libostree-grub2-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-1-1-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:libostree-devel-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:libostree-grub2-2021.6-150400.3.3.1.x86_64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.aarch64",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.ppc64le",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.s390x",
"openSUSE Leap 15.4:typelib-1_0-OSTree-1_0-2021.6-150400.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-06T05:53:09Z",
"details": "moderate"
}
],
"title": "CVE-2014-9862"
}
]
}
suse-su-2022:3671-1
Vulnerability from csaf_suse
Published
2022-10-20 08:52
Modified
2022-10-20 08:52
Summary
Security update for libostree
Notes
Title of the patch
Security update for libostree
Description of the patch
This update for libostree fixes the following issues:
- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).
Patchnames
SUSE-2022-3671,SUSE-SLE-Product-HPC-15-2022-3671,SUSE-SLE-Product-SLES-15-2022-3671,SUSE-SLE-Product-SLES_SAP-15-2022-3671
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libostree",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libostree fixes the following issues:\n\n- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3671,SUSE-SLE-Product-HPC-15-2022-3671,SUSE-SLE-Product-SLES-15-2022-3671,SUSE-SLE-Product-SLES_SAP-15-2022-3671",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3671-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3671-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223671-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3671-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012590.html"
},
{
"category": "self",
"summary": "SUSE Bug 1201770",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "Security update for libostree",
"tracking": {
"current_release_date": "2022-10-20T08:52:30Z",
"generator": {
"date": "2022-10-20T08:52:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3671-1",
"initial_release_date": "2022-10-20T08:52:30Z",
"revision_history": [
{
"date": "2022-10-20T08:52:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.1-150000.4.3.1.aarch64",
"product": {
"name": "libostree-2018.1-150000.4.3.1.aarch64",
"product_id": "libostree-2018.1-150000.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.1-150000.4.3.1.aarch64",
"product": {
"name": "libostree-1-1-2018.1-150000.4.3.1.aarch64",
"product_id": "libostree-1-1-2018.1-150000.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.1-150000.4.3.1.aarch64",
"product": {
"name": "libostree-devel-2018.1-150000.4.3.1.aarch64",
"product_id": "libostree-devel-2018.1-150000.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.1-150000.4.3.1.aarch64",
"product": {
"name": "libostree-grub2-2018.1-150000.4.3.1.aarch64",
"product_id": "libostree-grub2-2018.1-150000.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"product_id": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.1-150000.4.3.1.i586",
"product": {
"name": "libostree-2018.1-150000.4.3.1.i586",
"product_id": "libostree-2018.1-150000.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.1-150000.4.3.1.i586",
"product": {
"name": "libostree-1-1-2018.1-150000.4.3.1.i586",
"product_id": "libostree-1-1-2018.1-150000.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.1-150000.4.3.1.i586",
"product": {
"name": "libostree-devel-2018.1-150000.4.3.1.i586",
"product_id": "libostree-devel-2018.1-150000.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.1-150000.4.3.1.i586",
"product": {
"name": "libostree-grub2-2018.1-150000.4.3.1.i586",
"product_id": "libostree-grub2-2018.1-150000.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.i586",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.i586",
"product_id": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.1-150000.4.3.1.ppc64le",
"product": {
"name": "libostree-2018.1-150000.4.3.1.ppc64le",
"product_id": "libostree-2018.1-150000.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"product": {
"name": "libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"product_id": "libostree-1-1-2018.1-150000.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.1-150000.4.3.1.ppc64le",
"product": {
"name": "libostree-devel-2018.1-150000.4.3.1.ppc64le",
"product_id": "libostree-devel-2018.1-150000.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.1-150000.4.3.1.ppc64le",
"product": {
"name": "libostree-grub2-2018.1-150000.4.3.1.ppc64le",
"product_id": "libostree-grub2-2018.1-150000.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"product_id": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.1-150000.4.3.1.s390x",
"product": {
"name": "libostree-2018.1-150000.4.3.1.s390x",
"product_id": "libostree-2018.1-150000.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.1-150000.4.3.1.s390x",
"product": {
"name": "libostree-1-1-2018.1-150000.4.3.1.s390x",
"product_id": "libostree-1-1-2018.1-150000.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.1-150000.4.3.1.s390x",
"product": {
"name": "libostree-devel-2018.1-150000.4.3.1.s390x",
"product_id": "libostree-devel-2018.1-150000.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"product_id": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2018.1-150000.4.3.1.x86_64",
"product": {
"name": "libostree-2018.1-150000.4.3.1.x86_64",
"product_id": "libostree-2018.1-150000.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"product": {
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"product_id": "libostree-1-1-2018.1-150000.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"product": {
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"product_id": "libostree-devel-2018.1-150000.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2018.1-150000.4.3.1.x86_64",
"product": {
"name": "libostree-grub2-2018.1-150000.4.3.1.x86_64",
"product_id": "libostree-grub2-2018.1-150000.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"product_id": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.s390x"
},
"product_reference": "libostree-2018.1-150000.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.s390x"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.s390x"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-1-1-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "libostree-devel-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-1-1-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libostree-devel-2018.1-150000.4.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:typelib-1_0-OSTree-1_0-2018.1-150000.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-20T08:52:30Z",
"details": "moderate"
}
],
"title": "CVE-2014-9862"
}
]
}
suse-su-2022:3456-1
Vulnerability from csaf_suse
Published
2022-09-28 14:58
Modified
2022-09-28 14:58
Summary
Security update for libostree
Notes
Title of the patch
Security update for libostree
Description of the patch
This update for libostree fixes the following issues:
- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).
Patchnames
SUSE-2022-3456,SUSE-SLE-Module-Basesystem-15-SP3-2022-3456,SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-3456,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3456,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3456,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3456,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3456,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3456,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3456,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3456,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3456,SUSE-Storage-7-2022-3456,openSUSE-SLE-15.3-2022-3456
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libostree",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libostree fixes the following issues:\n\n- CVE-2014-9862: Fixed arbitrary write on heap vulnerability (bsc#1201770).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3456,SUSE-SLE-Module-Basesystem-15-SP3-2022-3456,SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-3456,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3456,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3456,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3456,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3456,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3456,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3456,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3456,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3456,SUSE-Storage-7-2022-3456,openSUSE-SLE-15.3-2022-3456",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3456-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3456-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223456-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3456-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012445.html"
},
{
"category": "self",
"summary": "SUSE Bug 1201770",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9862 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9862/"
}
],
"title": "Security update for libostree",
"tracking": {
"current_release_date": "2022-09-28T14:58:25Z",
"generator": {
"date": "2022-09-28T14:58:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3456-1",
"initial_release_date": "2022-09-28T14:58:25Z",
"revision_history": [
{
"date": "2022-09-28T14:58:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libostree-2020.8-150200.3.6.1.aarch64",
"product": {
"name": "libostree-2020.8-150200.3.6.1.aarch64",
"product_id": "libostree-2020.8-150200.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"product": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"product_id": "libostree-1-1-2020.8-150200.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"product": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"product_id": "libostree-devel-2020.8-150200.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2020.8-150200.3.6.1.aarch64",
"product": {
"name": "libostree-grub2-2020.8-150200.3.6.1.aarch64",
"product_id": "libostree-grub2-2020.8-150200.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"product_id": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2020.8-150200.3.6.1.i586",
"product": {
"name": "libostree-2020.8-150200.3.6.1.i586",
"product_id": "libostree-2020.8-150200.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2020.8-150200.3.6.1.i586",
"product": {
"name": "libostree-1-1-2020.8-150200.3.6.1.i586",
"product_id": "libostree-1-1-2020.8-150200.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-devel-2020.8-150200.3.6.1.i586",
"product": {
"name": "libostree-devel-2020.8-150200.3.6.1.i586",
"product_id": "libostree-devel-2020.8-150200.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2020.8-150200.3.6.1.i586",
"product": {
"name": "libostree-grub2-2020.8-150200.3.6.1.i586",
"product_id": "libostree-grub2-2020.8-150200.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.i586",
"product": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.i586",
"product_id": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2020.8-150200.3.6.1.ppc64le",
"product": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le",
"product_id": "libostree-2020.8-150200.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"product": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"product_id": "libostree-1-1-2020.8-150200.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"product": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"product_id": "libostree-devel-2020.8-150200.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"product": {
"name": "libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"product_id": "libostree-grub2-2020.8-150200.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"product": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"product_id": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2020.8-150200.3.6.1.s390x",
"product": {
"name": "libostree-2020.8-150200.3.6.1.s390x",
"product_id": "libostree-2020.8-150200.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"product": {
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"product_id": "libostree-1-1-2020.8-150200.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libostree-devel-2020.8-150200.3.6.1.s390x",
"product": {
"name": "libostree-devel-2020.8-150200.3.6.1.s390x",
"product_id": "libostree-devel-2020.8-150200.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"product": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"product_id": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libostree-2020.8-150200.3.6.1.x86_64",
"product": {
"name": "libostree-2020.8-150200.3.6.1.x86_64",
"product_id": "libostree-2020.8-150200.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"product": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"product_id": "libostree-1-1-2020.8-150200.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"product": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"product_id": "libostree-devel-2020.8-150200.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libostree-grub2-2020.8-150200.3.6.1.x86_64",
"product": {
"name": "libostree-grub2-2020.8-150200.3.6.1.x86_64",
"product_id": "libostree-grub2-2020.8-150200.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"product": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"product_id": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-2020.8-150200.3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-1-1-2020.8-150200.3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-1-1-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.s390x"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-devel-2020.8-150200.3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-devel-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2020.8-150200.3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "libostree-grub2-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2020.8-150200.3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libostree-grub2-2020.8-150200.3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "libostree-grub2-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
},
"product_reference": "typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9862"
}
],
"notes": [
{
"category": "general",
"text": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9862",
"url": "https://www.suse.com/security/cve/CVE-2014-9862"
},
{
"category": "external",
"summary": "SUSE Bug 1173974 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1173974"
},
{
"category": "external",
"summary": "SUSE Bug 1201770 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/1201770"
},
{
"category": "external",
"summary": "SUSE Bug 990660 for CVE-2014-9862",
"url": "https://bugzilla.suse.com/990660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Enterprise Storage 7:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Proxy 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:libostree-devel-2020.8-150200.3.6.1.x86_64",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"SUSE Manager Server 4.1:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-1-1-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:libostree-devel-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:libostree-grub2-2020.8-150200.3.6.1.x86_64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.aarch64",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.ppc64le",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.s390x",
"openSUSE Leap 15.3:typelib-1_0-OSTree-1_0-2020.8-150200.3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-28T14:58:25Z",
"details": "moderate"
}
],
"title": "CVE-2014-9862"
}
]
}
fkie_cve-2014-9862
Vulnerability from fkie_nvd
Published
2016-07-22 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html | Mailing List, Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2020/Jul/8 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/07/09/2 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/91824 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1036438 | ||
| cve@mitre.org | https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998 | Issue Tracking | |
| cve@mitre.org | https://bugs.chromium.org/p/chromium/issues/detail?id=372525 | Issue Tracking | |
| cve@mitre.org | https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659 | Issue Tracking | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html | ||
| cve@mitre.org | https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202003-44 | ||
| cve@mitre.org | https://support.apple.com/HT206903 | Vendor Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4500-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Jul/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/07/09/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91824 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036438 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/chromium/issues/detail?id=372525 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202003-44 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT206903 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4500-1/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73712D16-E03B-4230-B253-4E96EEE61EA7",
"versionEndIncluding": "10.11.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file."
},
{
"lang": "es",
"value": "Error de entero sin signo en bspatch.c en bspatch en bsdiff, como se utiliza en Apple OS X en versiones anteriores a 10.11.6 y otros productos, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (desbordamiento de buffer basado en memoria din\u00e1mica) a trav\u00e9s de un archivo de revisi\u00f3n manipulado."
}
],
"id": "CVE-2014-9862",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-22T02:59:00.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036438"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206903"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4500-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2020/Jul/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4500-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2016-AVI-239
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | Apple tvOS versions antérieures à 9.2.2 | ||
| Apple | N/A | Apple iTunes pour Windows versions antérieures à 12.4.2 | ||
| Apple | N/A | Apple iCloud pour Windows versions antérieures à 5.2.1 | ||
| Apple | Safari | Apple Safari versions antérieures à 9.1.2 | ||
| Apple | N/A | Apple watchOS versions antérieures à 2.2.2 | ||
| Apple | N/A | Apple OS X El Capitan versions antérieures à 10.11.6 et sans la mise à jour de sécurité 2016-004 | ||
| Apple | N/A | Apple iOS versions antérieures à 9.3.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apple tvOS versions ant\u00e9rieures \u00e0 9.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple iTunes pour Windows versions ant\u00e9rieures \u00e0 12.4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple iCloud pour Windows versions ant\u00e9rieures \u00e0 5.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple Safari versions ant\u00e9rieures \u00e0 9.1.2",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple watchOS versions ant\u00e9rieures \u00e0 2.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple OS X El Capitan versions ant\u00e9rieures \u00e0 10.11.6 et sans la mise \u00e0 jour de s\u00e9curit\u00e9 2016-004",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple iOS versions ant\u00e9rieures \u00e0 9.3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-4650",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4650"
},
{
"name": "CVE-2016-1865",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1865"
},
{
"name": "CVE-2016-4584",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4584"
},
{
"name": "CVE-2016-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4645"
},
{
"name": "CVE-2016-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
},
{
"name": "CVE-2016-4648",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4648"
},
{
"name": "CVE-2016-4629",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4629"
},
{
"name": "CVE-2016-4601",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4601"
},
{
"name": "CVE-2016-4600",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4600"
},
{
"name": "CVE-2016-4646",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4646"
},
{
"name": "CVE-2016-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4623"
},
{
"name": "CVE-2016-4582",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4582"
},
{
"name": "CVE-2016-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2105"
},
{
"name": "CVE-2016-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2176"
},
{
"name": "CVE-2016-4595",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4595"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2016-4614",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4614"
},
{
"name": "CVE-2016-0718",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
},
{
"name": "CVE-2016-4589",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4589"
},
{
"name": "CVE-2016-4627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4627"
},
{
"name": "CVE-2016-1863",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1863"
},
{
"name": "CVE-2016-4631",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4631"
},
{
"name": "CVE-2016-4615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4615"
},
{
"name": "CVE-2016-4632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4632"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2016-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4598"
},
{
"name": "CVE-2016-2107",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2107"
},
{
"name": "CVE-2016-4649",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4649"
},
{
"name": "CVE-2016-4621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4621"
},
{
"name": "CVE-2016-4592",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4592"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2016-4624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4624"
},
{
"name": "CVE-2016-4634",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4634"
},
{
"name": "CVE-2016-2106",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2106"
},
{
"name": "CVE-2016-4619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4619"
},
{
"name": "CVE-2016-4596",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4596"
},
{
"name": "CVE-2016-4588",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4588"
},
{
"name": "CVE-2016-4610",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4610"
},
{
"name": "CVE-2016-4637",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4637"
},
{
"name": "CVE-2016-4597",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4597"
},
{
"name": "CVE-2016-4599",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4599"
},
{
"name": "CVE-2016-4633",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4633"
},
{
"name": "CVE-2016-4612",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4612"
},
{
"name": "CVE-2016-4605",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4605"
},
{
"name": "CVE-2016-4587",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4587"
},
{
"name": "CVE-2016-4602",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4602"
},
{
"name": "CVE-2016-4652",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4652"
},
{
"name": "CVE-2016-4586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4586"
},
{
"name": "CVE-2016-4607",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
},
{
"name": "CVE-2016-4594",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4594"
},
{
"name": "CVE-2016-1864",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1864"
},
{
"name": "CVE-2016-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4641"
},
{
"name": "CVE-2016-4647",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4647"
},
{
"name": "CVE-2016-4583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4583"
},
{
"name": "CVE-2014-9862",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9862"
},
{
"name": "CVE-2016-4625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4625"
},
{
"name": "CVE-2016-4616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4616"
},
{
"name": "CVE-2016-4590",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4590"
},
{
"name": "CVE-2016-4640",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4640"
},
{
"name": "CVE-2016-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4603"
},
{
"name": "CVE-2016-4585",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4585"
},
{
"name": "CVE-2016-4593",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4593"
},
{
"name": "CVE-2016-4635",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4635"
},
{
"name": "CVE-2016-4608",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4608"
},
{
"name": "CVE-2016-4638",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4638"
},
{
"name": "CVE-2016-4639",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4639"
},
{
"name": "CVE-2016-4591",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4591"
},
{
"name": "CVE-2016-4630",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4630"
},
{
"name": "CVE-2016-4604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4604"
},
{
"name": "CVE-2016-2109",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2109"
},
{
"name": "CVE-2016-2108",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2108"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2016-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4622"
},
{
"name": "CVE-2016-4628",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4628"
},
{
"name": "CVE-2016-4626",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4626"
},
{
"name": "CVE-2016-4651",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4651"
},
{
"name": "CVE-2016-4483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4483"
}
],
"initial_release_date": "2016-07-19T00:00:00",
"last_revision_date": "2016-07-19T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-239",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-07-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206902 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206902"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206905 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206905"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206903 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206903"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206901 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206901"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206904 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206904"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206899 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206899"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT206900 du 18 juillet 2016",
"url": "https://support.apple.com/en-us/HT206900"
}
]
}
var-201607-0687
Vulnerability from variot
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. Apple OS X Used in and other products bsdiff of bspatch of bspatch.c Contains an integer sign error vulnerability. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. Attackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. Apple Mac OS X 10.9.5, 10.10.5 and 10.11 through 10.11.5 are vulnerable. bsdiff is one of the tool components used to build patched binaries. ========================================================================== Ubuntu Security Notice USN-4500-1 September 15, 2020
bsdiff vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
bsdiff could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description: - bsdiff: generate/apply a patch between two binary files
Details:
It was discovered that bsdiff mishandled certain input.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: bsdiff 4.3-15+deb8u1build0.16.04.1
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4500-1 CVE-2014-9862
Package Information: https://launchpad.net/ubuntu/+source/bsdiff/4.3-15+deb8u1build0.16.04.1
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-16:25.bspatch Security Advisory The FreeBSD Project
Topic: Heap vulnerability in bspatch
Category: core Module: bsdiff Announced: 2016-07-25 Affects: All supported versions of FreeBSD. Corrected: 2016-07-25 14:52:12 UTC (stable/11, 11.0-BETA2-p1) 2016-07-25 14:52:12 UTC (stable/11, 11.0-BETA1-p1) 2016-07-25 14:53:04 UTC (stable/10, 10.3-STABLE) 2016-07-25 15:04:17 UTC (releng/10.3, 10.3-RELEASE-p6) 2016-07-25 15:04:17 UTC (releng/10.2, 10.2-RELEASE-p20) 2016-07-25 15:04:17 UTC (releng/10.1, 10.1-RELEASE-p37) 2016-07-25 14:53:04 UTC (stable/9, 9.3-STABLE) 2016-07-25 15:04:17 UTC (releng/9.3, 9.3-RELEASE-p45) CVE Name: CVE-2014-9862
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
The bspatch utility generates newfile from oldfile and patchfile where patchfile is a binary patch built by bsdiff(1).
II. Problem Description
The implementation of bspatch does not check for a negative value on numbers of bytes read from the diff and extra streams, allowing an attacker who can control the patch file to write at arbitrary locations in the heap.
This issue was first discovered by The Chromium Project and reported independently by Lu Tung-Pin to the FreeBSD project.
III. Impact
An attacker who can control the patch file can cause a crash or run arbitrary code under the credentials of the user who runs bspatch, in many cases, root.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
No reboot is needed.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
No reboot is needed.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch https://security.FreeBSD.org/patches/SA-16:25/bspatch.patch
fetch https://security.FreeBSD.org/patches/SA-16:25/bspatch.patch.asc
gpg --verify bspatch.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r303301 releng/9.3/ r303304 stable/10/ r303301 releng/10.1/ r303304 releng/10.2/ r303304 releng/10.3/ r303304 stable/11/ r303300
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.13 (FreeBSD)
iQIcBAEBCgAGBQJXlir7AAoJEO1n7NZdz2rnTtAP/iFnhrcmRuxmeMGtVPWHZFhH /I2iB62wGf4vNGVedwh3fHPEgjEpMvDVP7S+OCLB7Fnf+Mwm9uL47cjxdr/P5dy8 iKRsojG7HVE3Iia7DyaSEQwbJMQZGWsy2wr9epiHPoOpnSaWKUBx94C+oc7gPdM5 8LW5OpUgSpFCztQ82gbM/2Bjy5OREJQP6ASW62WO+MkD7n+ZUzsUCdR13bzvpA23 BaNeInQArn5Zf3OiZXjQ9Go1muml2llQmqxeb8p3V9IbJ3mdUBQat1AtF/yXfpWA tkUfgqAaoKbjOrk22h/wBRssPlqqftZDXWqi2KlkEltqyU1evnsb5UVCu0SZdgkW lQlnE1vymJCnxC211SweDNbbP8laR0OpjRxUxljSXVMXag4Lh9+9aD6zIZ9zZNi7 MxXEasLZViwq8gEbZLlLUfcOQVv6T+3jTiH8aRUYFp5PsBGBgQCAQgGCEaztQTNr lnSp/rqnP7FEu7gsHtP3wGK03RItNketbKMSUzV5eXiWmVYC3a6/WboqqJuqhDka zs3W0h0Fw6iqk6CfImHnhD1unarXnSQU5vRcf9srnUvS0XgYS/113BQK23SjGmki OIJe3Wm0CrcChAf8lKdeyPlKFcN906EkQ8Hh8vB00B9BZCXYLY9zBK6lW40NA1UN cy+ljfLX/xwCNIJJXdwH =FL3H -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- .
Resolution
All Binary diff users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-util/bsdiff-4.3-r4"
References
[ 1 ] CVE-2014-9862 https://nvd.nist.gov/vuln/detail/CVE-2014-9862
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-44
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0687",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11 and later"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.11.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
}
],
"sources": [
{
"db": "BID",
"id": "91824"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,Gentoo",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
}
],
"trust": 0.6
},
"cve": "CVE-2014-9862",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-9862",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-77807",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2014-9862",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9862",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-9862",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201607-841",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-77807",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-9862",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted patch file. Apple OS X Used in and other products bsdiff of bspatch of bspatch.c Contains an integer sign error vulnerability. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. \nAttackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks. \nApple Mac OS X 10.9.5, 10.10.5 and 10.11 through 10.11.5 are vulnerable. bsdiff is one of the tool components used to build patched binaries. ==========================================================================\nUbuntu Security Notice USN-4500-1\nSeptember 15, 2020\n\nbsdiff vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n\nSummary:\n\nbsdiff could be made to crash or run programs as your login if it\nopened a specially crafted file. \n\nSoftware Description:\n- bsdiff: generate/apply a patch between two binary files\n\nDetails:\n\nIt was discovered that bsdiff mishandled certain input. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n bsdiff 4.3-15+deb8u1build0.16.04.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://usn.ubuntu.com/4500-1\n CVE-2014-9862\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/bsdiff/4.3-15+deb8u1build0.16.04.1\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-16:25.bspatch Security Advisory\n The FreeBSD Project\n\nTopic: Heap vulnerability in bspatch\n\nCategory: core\nModule: bsdiff\nAnnounced: 2016-07-25\nAffects: All supported versions of FreeBSD. \nCorrected: 2016-07-25 14:52:12 UTC (stable/11, 11.0-BETA2-p1)\n 2016-07-25 14:52:12 UTC (stable/11, 11.0-BETA1-p1)\n 2016-07-25 14:53:04 UTC (stable/10, 10.3-STABLE)\n 2016-07-25 15:04:17 UTC (releng/10.3, 10.3-RELEASE-p6)\n 2016-07-25 15:04:17 UTC (releng/10.2, 10.2-RELEASE-p20)\n 2016-07-25 15:04:17 UTC (releng/10.1, 10.1-RELEASE-p37)\n 2016-07-25 14:53:04 UTC (stable/9, 9.3-STABLE)\n 2016-07-25 15:04:17 UTC (releng/9.3, 9.3-RELEASE-p45)\nCVE Name: CVE-2014-9862\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. Background\n\nThe bspatch utility generates newfile from oldfile and patchfile where\npatchfile is a binary patch built by bsdiff(1). \n\nII. Problem Description\n\nThe implementation of bspatch does not check for a negative value on numbers\nof bytes read from the diff and extra streams, allowing an attacker who\ncan control the patch file to write at arbitrary locations in the heap. \n\nThis issue was first discovered by The Chromium Project and reported\nindependently by Lu Tung-Pin to the FreeBSD project. \n\nIII. Impact\n\nAn attacker who can control the patch file can cause a crash or run arbitrary\ncode under the credentials of the user who runs bspatch, in many cases, root. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nNo reboot is needed. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nNo reboot is needed. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch https://security.FreeBSD.org/patches/SA-16:25/bspatch.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:25/bspatch.patch.asc\n# gpg --verify bspatch.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r303301\nreleng/9.3/ r303304\nstable/10/ r303301\nreleng/10.1/ r303304\nreleng/10.2/ r303304\nreleng/10.3/ r303304\nstable/11/ r303300\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://bugs.chromium.org/p/chromium/issues/detail?id=372525\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9862\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:25.bspatch.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.1.13 (FreeBSD)\n\niQIcBAEBCgAGBQJXlir7AAoJEO1n7NZdz2rnTtAP/iFnhrcmRuxmeMGtVPWHZFhH\n/I2iB62wGf4vNGVedwh3fHPEgjEpMvDVP7S+OCLB7Fnf+Mwm9uL47cjxdr/P5dy8\niKRsojG7HVE3Iia7DyaSEQwbJMQZGWsy2wr9epiHPoOpnSaWKUBx94C+oc7gPdM5\n8LW5OpUgSpFCztQ82gbM/2Bjy5OREJQP6ASW62WO+MkD7n+ZUzsUCdR13bzvpA23\nBaNeInQArn5Zf3OiZXjQ9Go1muml2llQmqxeb8p3V9IbJ3mdUBQat1AtF/yXfpWA\ntkUfgqAaoKbjOrk22h/wBRssPlqqftZDXWqi2KlkEltqyU1evnsb5UVCu0SZdgkW\nlQlnE1vymJCnxC211SweDNbbP8laR0OpjRxUxljSXVMXag4Lh9+9aD6zIZ9zZNi7\nMxXEasLZViwq8gEbZLlLUfcOQVv6T+3jTiH8aRUYFp5PsBGBgQCAQgGCEaztQTNr\nlnSp/rqnP7FEu7gsHtP3wGK03RItNketbKMSUzV5eXiWmVYC3a6/WboqqJuqhDka\nzs3W0h0Fw6iqk6CfImHnhD1unarXnSQU5vRcf9srnUvS0XgYS/113BQK23SjGmki\nOIJe3Wm0CrcChAf8lKdeyPlKFcN906EkQ8Hh8vB00B9BZCXYLY9zBK6lW40NA1UN\ncy+ljfLX/xwCNIJJXdwH\n=FL3H\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. \n\nResolution\n==========\n\nAll Binary diff users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-util/bsdiff-4.3-r4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2014-9862\n https://nvd.nist.gov/vuln/detail/CVE-2014-9862\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-44\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9862"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "BID",
"id": "91824"
},
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "PACKETSTORM",
"id": "159184"
},
{
"db": "PACKETSTORM",
"id": "138042"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "156828"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9862",
"trust": 3.3
},
{
"db": "BID",
"id": "91824",
"trust": 2.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/07/09/2",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036438",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "156828",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159184",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2022010607",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4492",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5277",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3161",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841",
"trust": 0.6
},
{
"db": "ZDI",
"id": "ZDI-16-496",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-437",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-431",
"trust": 0.3
},
{
"db": "ZDI",
"id": "ZDI-16-435",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "138042",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-77807",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-9862",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "BID",
"id": "91824"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "PACKETSTORM",
"id": "159184"
},
{
"db": "PACKETSTORM",
"id": "138042"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "156828"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"id": "VAR-201607-0687",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-77807"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:25:03.251000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT206903"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT206903"
},
{
"title": "Issue 372525",
"trust": 0.8,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=618\u0026redir=1"
},
{
"title": "fix vulnerability in bspatch",
"trust": 0.8,
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"title": "bspatch: Add a sanity-check for malformed patches.",
"trust": 0.8,
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"title": "Apple OS X bsdiff Fixes for integer symbol error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=63201"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/VGtalion/bsdiff "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00028.html"
},
{
"trust": 1.9,
"url": "http://seclists.org/fulldisclosure/2020/jul/8"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/202003-44"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/91824"
},
{
"trust": 1.8,
"url": "https://android.googlesource.com/platform/external/bsdiff/+/4d054795b673855e3a7556c6f2f7ab99ca509998"
},
{
"trust": 1.8,
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525"
},
{
"trust": 1.8,
"url": "https://chromium.googlesource.com/chromiumos/third_party/bsdiff/+/d0307d1711bd74e51b783a49f9160775aa22e659"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.8,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:25.bspatch.asc"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2020/07/09/2"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036438"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00026.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4500-1/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9862"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9862"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156828/gentoo-linux-security-advisory-202003-44.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4492/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3161/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159184/ubuntu-security-notice-usn-4500-1.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/libostree-memory-corruption-via-bsdiff-39670"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022010607"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5277"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/macosx/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-431/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-435/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-437/"
},
{
"trust": 0.3,
"url": "apple os x acmp4aacbasedecoder out-of-bounds read information disclosure vulnerability"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-496/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://github.com/vgtalion/bsdiff"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=47129"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bsdiff/4.3-15+deb8u1build0.16.04.1"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4500-1"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:25/bspatch.patch.asc"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=372525\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:25.bspatch.asc\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9862\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:25/bspatch.patch"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "BID",
"id": "91824"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "PACKETSTORM",
"id": "159184"
},
{
"db": "PACKETSTORM",
"id": "138042"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "156828"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-77807"
},
{
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"db": "BID",
"id": "91824"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"db": "PACKETSTORM",
"id": "159184"
},
{
"db": "PACKETSTORM",
"id": "138042"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "156828"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-77807"
},
{
"date": "2016-07-22T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"date": "2016-07-18T00:00:00",
"db": "BID",
"id": "91824"
},
{
"date": "2016-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"date": "2020-09-15T21:59:11",
"db": "PACKETSTORM",
"id": "159184"
},
{
"date": "2016-07-25T19:56:00",
"db": "PACKETSTORM",
"id": "138042"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2020-03-19T22:00:48",
"db": "PACKETSTORM",
"id": "156828"
},
{
"date": "2016-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"date": "2016-07-22T02:59:00.127000",
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-77807"
},
{
"date": "2020-09-17T00:00:00",
"db": "VULMON",
"id": "CVE-2014-9862"
},
{
"date": "2016-08-29T19:00:00",
"db": "BID",
"id": "91824"
},
{
"date": "2016-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004021"
},
{
"date": "2022-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-841"
},
{
"date": "2024-11-21T02:21:50.330000",
"db": "NVD",
"id": "CVE-2014-9862"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple OS X Used in products such as bsdiff of bspatch of bspatch.c Integer sign error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004021"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-841"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…