Lucene search

K
suseSuseOPENSUSE-SU-2021:0444-1
HistoryMar 18, 2021 - 12:00 a.m.

Security update for libmysofa (moderate)

2021-03-1800:00:00
lists.opensuse.org
9

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.7%

An update that fixes 13 vulnerabilities is now available.

Description:

This update for libmysofa fixes the following issues:

  • Added security backports: gh#hoene/libmysofa#136 - CVE-2020-36152 -
    boo#1181977 gh#hoene/libmysofa#138 - CVE-2020-36148 - boo#1181981
    gh#hoene/libmysofa#137 - CVE-2020-36149 - boo#1181980
    gh#hoene/libmysofa#134 - CVE-2020-36151 - boo#1181978
    gh#hoene/libmysofa#135 - CVE-2020-36150 - boo#1181979
    gh#hoene/libmysofa#96 - CVE-2020-6860 - boo#1182883

Update to version 0.9.1

 * Extended angular neighbor search to 'close the sphere'
 * Added and exposed mysofa_getfilter_float_nointerp method
 * Fixed various security issues CVE-2019-16091 - boo#1149919
   CVE-2019-16092 - boo#1149920 CVE-2019-16093 - boo#1149922
   CVE-2019-16094 - boo#1149924 CVE-2019-16095 - boo#1149926
   CVE-2019-20016 - boo#1159839 CVE-2019-20063 - boo#1160040

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-444=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.2x86_64< - openSUSE Leap 15.2 (x86_64):- openSUSE Leap 15.2 (x86_64):.x86_64.rpm

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.7%