An update that fixes two vulnerabilities is now available.
Description:
This update for u-boot fixes the following issues:
Security issues fixed:
- CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution (bsc#1144656). - CVE-2019-13104: Fixed an underflow that could cause memcpy() to overwrite a very large amount of data via a crafted ext4 filesystem (bsc#1144675).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: