Описание
ELSA-2015-2237: rest security update (LOW)
[0.7.92-3]
- Fix tests/proxy-continuous Resolves: #1250935
[0.7.92-2]
- Fix memory error due to implicit declaration of rest_proxy_call_get_url Resolves: #1183982
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
rest
0.7.92-3.el7
rest-devel
0.7.92-3.el7
Связанные CVE
Связанные уязвимости
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.
The OAuth implementation in librest before 0.7.93 incorrectly truncate ...
The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (application crash) via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interface on an object representing a Flickr account.