openSUSE Security Update : dpkg (openSUSE-2017-549)
High Nessus Plugin ID 100036
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for dpkg fixes the following issues :
This security issue was fixed :
- CVE-2015-0860: Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in dpkg allowed remote attackers to execute arbitrary code via the archive magic version number in an 'old-style' Debian binary package, which triggered a stack-based buffer overflow (bsc#957160).
This update was imported from the SUSE:SLE-12-SP1:Update update project.
SolutionUpdate the affected dpkg packages.