17883 important openSUSE Backports SLE-15-SP4 Update upx was updated to fix the following issues: Update to release 4.0.2 * Fix unpack of ELF x86-64 that failed with "CantUnpackException: corrupt b_info" * Resolve SEGV on PackLinuxElf64::invert_pt_dynamic - CVE-2021-30500: Fixed Null pointer dereference in PackLinuxElf:canUnpack() in p_lx_elf.cpp - CVE-2021-30501: Fixed Assertion abort in function MemBuffer:alloc() - CVE-2021-43311: Fixed Heap-based buffer overflow in PackLinuxElf32:elf_lookup() at p_lx_elf.cpp - CVE-2021-43312: Fixed Heap-based buffer overflow in PackLinuxElf64:invert_pt_dynamic at p_lx_elf.cpp:5239 - CVE-2021-43313: Fixed Heap-based buffer overflow in PackLinuxElf32:invert_pt_dynamic at p_lx_elf.cpp:1688 - CVE-2021-43314: Fixed Heap-based buffer overflows in PackLinuxElf32:elf_lookup() at p_lx_elf.cp - CVE-2021-43315: Fixed Heap-based buffer overflows in PackLinuxElf32:elf_lookup() at p_lx_elf.cp - CVE-2021-43316: Fixed Heap-based buffer overflow in func get_le64() - CVE-2021-43317: Fixed Heap-based buffer overflows in PackLinuxElf64:elf_lookup() at p_lx_elf.cp - CVE-2023-23456: Fixed heap-buffer-overflow in PackTmt:pack() - CVE-2023-23457: Fixed SEGV on PackLinuxElf64:invert_pt_dynamic() in p_lx_elf.cpp upx-4.0.2-bp154.4.6.1.src.rpm upx-4.0.2-bp154.4.6.1.x86_64.rpm upx-debuginfo-4.0.2-bp154.4.6.1.x86_64.rpm upx-debugsource-4.0.2-bp154.4.6.1.x86_64.rpm upx-4.0.2-bp154.4.6.1.aarch64.rpm upx-debuginfo-4.0.2-bp154.4.6.1.aarch64.rpm upx-debugsource-4.0.2-bp154.4.6.1.aarch64.rpm upx-4.0.2-bp154.4.6.1.ppc64le.rpm upx-debuginfo-4.0.2-bp154.4.6.1.ppc64le.rpm upx-debugsource-4.0.2-bp154.4.6.1.ppc64le.rpm upx-4.0.2-bp154.4.6.1.s390x.rpm upx-debuginfo-4.0.2-bp154.4.6.1.s390x.rpm upx-debugsource-4.0.2-bp154.4.6.1.s390x.rpm