Test ID:	1.3.6.1.4.1.25623.1.0.852753
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for lz4 (openSUSE-SU-2019:2398-1)
Summary:	The remote host is missing an update for the 'lz4'; package(s) announced via the openSUSE-SU-2019:2398-1 advisory.
Description:	Summary: The remote host is missing an update for the 'lz4' package(s) announced via the openSUSE-SU-2019:2398-1 advisory. Vulnerability Insight: This update for lz4 fixes the following issues: - CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32 (bsc#1153936). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2398=1 Affected Software/OS: 'lz4' package(s) on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-17543 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941 https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2 https://github.com/lz4/lz4/issues/801 https://github.com/lz4/lz4/pull/756 https://github.com/lz4/lz4/pull/760 https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2020.html https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E SuSE Security Announcement: openSUSE-SU-2019:2398 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html SuSE Security Announcement: openSUSE-SU-2019:2399 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.