CVE-2015-0860 SUSE企业Linux安全更新dpkg (SUSE-SU-2017:1096-1)

漏洞类别:SUSE

漏洞等级:

漏洞信息

SUSE has released security update for dpkg to fix the vulnerabilities.

Affected Products:
SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1

漏洞危害

This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.

解决方案

Upgrade to the latest packages which contain a patch. To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

To install packages using the command line interface, use the command “yum update”.

Refer to SUSE security advisory SUSE-SU-2017:1096-1 to address this issue and obtain further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SUSE-SU-2017:1096-1: SUSE Enterprise Linux

0day

发表评论