Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:1188-1

Опубликовано: 05 мая 2017
Источник: suse-cvrf

Описание

Security update for libosip2

This update for libosip2 fixes several issues.

These security issues were fixed:

  • CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS (bsc#1034570)
  • CVE-2016-10326: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS (bsc#1034571)
  • CVE-2016-10325: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS (bsc#1034572)
  • CVE-2016-10324: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c (bsc#1034574)

Список пакетов

SUSE Linux Enterprise Software Development Kit 11 SP4
libosip2-3.1.0-3.1
libosip2-devel-3.1.0-3.1

Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-3.1.0-3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-devel-3.1.0-3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-3.1.0-3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-devel-3.1.0-3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-3.1.0-3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-devel-3.1.0-3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.

Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-3.1.0-3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:libosip2-devel-3.1.0-3.1
Ссылки