Lucene search

K
suseSuseOPENSUSE-SU-2018:0569-1
HistoryMar 01, 2018 - 3:08 p.m.

Security update for freexl (important)

2018-03-0115:08:19
lists.opensuse.org
31

EPSS

0.005

Percentile

76.7%

This update for freexl fixes the following issues:

freexl was updated to version 1.0.5:

  • No changelog provided by upstream

  • Various heapoverflows in 1.0.4 have been fixed:

    • CVE-2018-7439: heap-buffer-overflow in freexl.c:3912
      read_mini_biff_next_record (boo#1082774)
    • CVE-2018-7438: heap-buffer-overflow in freexl.c:383
      parse_unicode_string (boo#1082775)
    • CVE-2018-7437: heap-buffer-overflow in freexl.c:1866
      parse_SST(boo#1082776)
    • CVE-2018-7436: heap-buffer-overflow in freexl.c:1805 parse_SST
      parse_SST (boo#1082777)
    • CVE-2018-7435: heap-buffer-overflow in freexl::destroy_cell
      (boo#1082778)