{"affected":[{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP3","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libdb-4_8-devel":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libdb-4_8-devel":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"db48-utils":"4.8.30-29.6","libdb-4_8":"4.8.30-29.6","libdb-4_8-32bit":"4.8.30-29.6"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"libdb-4_8","purl":"pkg:rpm/suse/libdb-4_8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.30-29.6"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libdb-4_8 fixes the following issues:\n\n- A DB_CONFIG file in the current working directory allowed local\n  users to obtain sensitive information via a symlink attack\n  involving a setgid or setuid application using libdb-4_8. (bsc#1043886)\n","id":"SUSE-SU-2018:0510-1","modified":"2018-02-21T13:27:23Z","published":"2018-02-21T13:27:23Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180510-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1043886"}],"related":[],"summary":"Security update for libdb-4_8","upstream":[]}