{"affected":[{"ecosystem_specific":{"binaries":[{"freexl-devel":"1.0.4-5.1","libfreexl1":"1.0.4-5.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"freexl","purl":"pkg:rpm/suse/freexl&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.4-5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for freexl to version 1.0.4 fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2017-2924: Prevent heap-based buffer overflow in the read_legacy_biff function (bsc#1058433).\n- CVE-2017-2923: Prevent heap-based buffer overflow in the read_biff_next_record function (bsc#1058431).\n","id":"openSUSE-SU-2017:2537-1","modified":"2017-09-21T06:52:21Z","published":"2017-09-21T06:52:21Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1058431"},{"type":"REPORT","url":"https://bugzilla.suse.com/1058433"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-2923"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-2924"}],"related":["CVE-2017-2923","CVE-2017-2924"],"summary":"Security update for freexl","upstream":["CVE-2017-2923","CVE-2017-2924"]}