Bugzilla – Bug 1200120
VUL-0: CVE-2022-31783: liblouis: invalid memory write in compileRule() in compileTranslationTable.c
Last modified: 2022-07-06 16:34:36 UTC
rh#2092277 Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c. References: https://github.com/liblouis/liblouis/issues/1214 https://github.com/liblouis/liblouis/commit/2e4772befb2b1c37cb4b9d6572945115ee28630a References: https://bugzilla.redhat.com/show_bug.cgi?id=2092277 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31783
Affected: - SUSE:SLE-15:Update - SUSE:SLE-15-SP2:Update - SUSE:SLE-15-SP4:Update - openSUSE:Factory
SUSE-SU-2022:2184-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1197085,1200120 CVE References: CVE-2022-26981,CVE-2022-31783 JIRA References: Sources used: openSUSE Leap 15.4 (src): liblouis-3.11.0-150200.3.3.1 openSUSE Leap 15.3 (src): liblouis-3.11.0-150200.3.3.1 SUSE Manager Server 4.1 (src): liblouis-3.11.0-150200.3.3.1 SUSE Manager Retail Branch Server 4.1 (src): liblouis-3.11.0-150200.3.3.1 SUSE Manager Proxy 4.1 (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): liblouis-3.11.0-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): liblouis-3.11.0-150200.3.3.1 SUSE Enterprise Storage 7 (src): liblouis-3.11.0-150200.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2252-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1130813,1197085,1200120 CVE References: CVE-2022-26981,CVE-2022-31783 JIRA References: Sources used: openSUSE Leap 15.4 (src): liblouis-3.3.0-150000.4.8.1 openSUSE Leap 15.3 (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise Server for SAP 15 (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise Server 15-LTSS (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): liblouis-3.3.0-150000.4.8.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): liblouis-3.3.0-150000.4.8.1 SUSE Enterprise Storage 6 (src): liblouis-3.3.0-150000.4.8.1 SUSE CaaS Platform 4.0 (src): liblouis-3.3.0-150000.4.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2298-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1197085,1200120 CVE References: CVE-2022-26981,CVE-2022-31783 JIRA References: Sources used: openSUSE Leap 15.4 (src): liblouis-3.20.0-150400.3.3.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (src): liblouis-3.20.0-150400.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.