openSUSE Security Update : libebml / libmatroska (openSUSE-2016-37)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for libebml, libmatroska fixes the following security
issues :

Vulnerabilities fixed in libebml :

- Cisco TALOS-CAN-0036: Invalid memory access when reading
from a UTF-8 string resulted in a heap information leak
(bsc#961031).

- Cisco TALOS-CAN-0037: Deeply nested elements with
infinite size use-after-free and multiple free
(bsc#961031).

- Invalid mempry access resulted in heap information leak

Vulnerabilities fixed in libmatroska :

- invalid memory access when reading specially crafted
data lead to a heap information leak.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=961031

Solution :

Update the affected libebml / libmatroska packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 88127 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now