VYPR

rpm package

suse/libqb&distro=SUSE Linux Enterprise High Availability Extension 15 SP1

pkg:rpm/suse/libqb&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1

Vulnerabilities (2)

  • CVE-2023-39976Aug 8, 2023
    affected < 1.0.3+20190326.a521604-150100.3.9.1fixed 1.0.3+20190326.a521604-150100.3.9.1

    log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

  • CVE-2019-12779Jun 7, 2019
    affected < 1.0.3+20190326.a521604-3.3.1fixed 1.0.3+20190326.a521604-3.3.1

    libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL.