Security update for libplist SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0528-1 Final 1 1 2017-02-20T17:20:49Z current 2017-02-20T17:20:49Z 2017-02-20T17:20:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libplist This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data (bsc#1019531). - CVE-2017-5834: A heap-buffer overflow in parse_dict_node was fixed (bsc#1023848) - CVE-2017-5835: A memory allocation error leading to DoS was fixed. (bsc#1023822) - CVE-2017-5836: A type inconsistency in bplist.c was fixed. (bsc#1023807) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-02/msg00096.html E-Mail link for openSUSE-SU-2017:0528-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 libplist-1.12-7.1 libplist++-devel-1.12-7.1 libplist++3-1.12-7.1 libplist++3-32bit-1.12-7.1 libplist-devel-1.12-7.1 libplist3-1.12-7.1 libplist3-32bit-1.12-7.1 plistutil-1.12-7.1 python-plist-1.12-7.1 libplist-1.12-7.1 as a component of openSUSE Leap 42.1 libplist++-devel-1.12-7.1 as a component of openSUSE Leap 42.1 libplist++3-1.12-7.1 as a component of openSUSE Leap 42.1 libplist++3-32bit-1.12-7.1 as a component of openSUSE Leap 42.1 libplist-devel-1.12-7.1 as a component of openSUSE Leap 42.1 libplist3-1.12-7.1 as a component of openSUSE Leap 42.1 libplist3-32bit-1.12-7.1 as a component of openSUSE Leap 42.1 plistutil-1.12-7.1 as a component of openSUSE Leap 42.1 python-plist-1.12-7.1 as a component of openSUSE Leap 42.1 The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. CVE-2017-5209 openSUSE Leap 42.1:libplist++-devel-1.12-7.1 openSUSE Leap 42.1:libplist++3-1.12-7.1 openSUSE Leap 42.1:libplist++3-32bit-1.12-7.1 openSUSE Leap 42.1:libplist-1.12-7.1 openSUSE Leap 42.1:libplist-devel-1.12-7.1 openSUSE Leap 42.1:libplist3-1.12-7.1 openSUSE Leap 42.1:libplist3-32bit-1.12-7.1 openSUSE Leap 42.1:plistutil-1.12-7.1 openSUSE Leap 42.1:python-plist-1.12-7.1 moderate 4.3 AV:A/AC:M/Au:N/C:P/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00096.html https://www.suse.com/security/cve/CVE-2017-5209.html CVE-2017-5209 https://bugzilla.suse.com/1019531 SUSE Bug 1019531 https://bugzilla.suse.com/1021610 SUSE Bug 1021610 The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file. CVE-2017-5834 openSUSE Leap 42.1:libplist++-devel-1.12-7.1 openSUSE Leap 42.1:libplist++3-1.12-7.1 openSUSE Leap 42.1:libplist++3-32bit-1.12-7.1 openSUSE Leap 42.1:libplist-1.12-7.1 openSUSE Leap 42.1:libplist-devel-1.12-7.1 openSUSE Leap 42.1:libplist3-1.12-7.1 openSUSE Leap 42.1:libplist3-32bit-1.12-7.1 openSUSE Leap 42.1:plistutil-1.12-7.1 openSUSE Leap 42.1:python-plist-1.12-7.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00096.html https://www.suse.com/security/cve/CVE-2017-5834.html CVE-2017-5834 https://bugzilla.suse.com/1023848 SUSE Bug 1023848 libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero. CVE-2017-5835 openSUSE Leap 42.1:libplist++-devel-1.12-7.1 openSUSE Leap 42.1:libplist++3-1.12-7.1 openSUSE Leap 42.1:libplist++3-32bit-1.12-7.1 openSUSE Leap 42.1:libplist-1.12-7.1 openSUSE Leap 42.1:libplist-devel-1.12-7.1 openSUSE Leap 42.1:libplist3-1.12-7.1 openSUSE Leap 42.1:libplist3-32bit-1.12-7.1 openSUSE Leap 42.1:plistutil-1.12-7.1 openSUSE Leap 42.1:python-plist-1.12-7.1 low 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00096.html https://www.suse.com/security/cve/CVE-2017-5835.html CVE-2017-5835 https://bugzilla.suse.com/1023822 SUSE Bug 1023822 The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free. CVE-2017-5836 openSUSE Leap 42.1:libplist++-devel-1.12-7.1 openSUSE Leap 42.1:libplist++3-1.12-7.1 openSUSE Leap 42.1:libplist++3-32bit-1.12-7.1 openSUSE Leap 42.1:libplist-1.12-7.1 openSUSE Leap 42.1:libplist-devel-1.12-7.1 openSUSE Leap 42.1:libplist3-1.12-7.1 openSUSE Leap 42.1:libplist3-32bit-1.12-7.1 openSUSE Leap 42.1:plistutil-1.12-7.1 openSUSE Leap 42.1:python-plist-1.12-7.1 low 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00096.html https://www.suse.com/security/cve/CVE-2017-5836.html CVE-2017-5836 https://bugzilla.suse.com/1023807 SUSE Bug 1023807 https://bugzilla.suse.com/1023848 SUSE Bug 1023848