libsass Info

libsass was added to epel7 repo on 2016-10-21
Page updated: 2023-11-21 11:36
Repo Status - Overall Status

Source NVR: libsass-3.4.5-4.el7 (2017-10-02)

Binary Packages

libsass libsass-3.4.5-4.el7
libsass-devel libsass-devel-3.4.5-4.el7

Bugs

1473186 NEW CVE-2017-10687 libsass: Heap buffer overf read in the json_mkstream() function [epel-7]
1474347 NEW CVE-2017-11341 CVE-2017-11342 libsass: various flaws [epel-7]
1474938 NEW CVE-2017-11554 CVE-2017-11555 CVE-2017-11556 CVE-2017-11605 CVE-2017-11608 libsass: Multiple vulnerabilities [epel-7]
1588654 NEW CVE-2018-11698 libsass: Out-of-bounds read n function Sass::handle_error in sass_context.cpp [epel-7]
1588664 NEW CVE-2018-11697 libsass: Heap buffer over-read in Sass::Prelexer::exactly in lexer.hpp [epel-7]
1588671 NEW CVE-2018-11696 libsass: NULL pointer dereference in function Sass::Inspect::operator in inspect.cpp [epel-7]
1588676 NEW CVE-2018-11695 libsass: NULL pointer dereference was found in function Sass::Expand::operator in expand.cpp [epel-7]
1588679 NEW CVE-2018-11694 libsass: NULL pointer dereference in function Sass::Functions::selector_append in functions.cpp [epel-7]
1588684 NEW CVE-2018-11693 libsass: Heap buffer over read in function Sass::Prelexer::skip_over_scopes in prelexer.hpp [epel-7]
1652072 NEW CVE-2018-19218 libsass: illegal address access at Sass::Parser::parse_css_variable_value_token [epel-7]
1652075 NEW CVE-2018-19219 libsass: illegal address access at Sass::Eval::operator [epel-7]
1668920 NEW CVE-2019-6283 libsass: heap-based buffer over-read in Sass::Prelexer::parenthese_scope in prelexer.hpp [epel-7]
1668923 NEW CVE-2019-6284 libsass: heap-based buffer over-read in Sass::Prelexer::alternatives in prelexer.hpp [epel-7]
1668926 NEW CVE-2019-6286 libsass: heap-based buffer over-read in Sass::Prelexer::skip_over_scopes in prelexer.hpp [epel-7]
1671396 NEW CVE-2018-19797 CVE-2018-19826 CVE-2018-19827 CVE-2018-19837 CVE-2018-19838 CVE-2018-19839 CVE-2018-20190 libsass: various flaws [epel-7]
1706052 NEW CVE-2018-20821 CVE-2018-20822 libsass: various flaws [epel-7]
1852073 NEW CVE-2019-18797 libsass: uncontrolled recursion in Sass:Eval:operator()(Sass:Binary_Expression*) in eval.cpp [epel-7]
1852076 NEW CVE-2019-18798 libsass: heap-based buffer overflow in Sass:weaveParents in ast_sel_weave.cpp [epel-7]
1852079 NEW CVE-2019-18799 libsass: NULL pointer dereference in Sass:Parser:parseCompoundSelector in parser_selectors.cpp [epel-7]
2236113 NEW CVE-2022-26592 libsass: stack overflow via Sass::CompoundSelector::has_real_parent_ref() in ast_selectors.cpp [epel-7]

Install Failures