openSUSE Security Update : libplist (openSUSE-2017-230)
Medium Nessus Plugin ID 97093
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for libplist addresses the following vulnerabilities :
- CVE-2017-5545: OOB heap buffer read which could allow attackers to obtain sensitive information from process memory or cause a DoS (bsc#1021610)
- CVE-2017-5209: base64decode function could have allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data
SolutionUpdate the affected libplist packages.