openSUSE-SU-2015:2070-1

Опубликовано: 14 нояб. 2015

Источник: suse-cvrf

Описание

Security update for miniupnpc

MiniUPnP was updated to fix one security issue.

The following vulnerability was fixed:

CVE-2015-6031: XML parser buffer overflow (boo#950759)

Список пакетов

openSUSE Leap 42.1

libminiupnpc-devel-1.9-6.1

libminiupnpc10-1.9-6.1

libminiupnpc10-32bit-1.9-6.1

miniupnpc-1.9-6.1

python-miniupnpc-1.9-6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2015-11/msg00122.html
E-Mail link for openSUSE-SU-2015:2070-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.

Затронутые продукты

openSUSE Leap 42.1:libminiupnpc-devel-1.9-6.1

openSUSE Leap 42.1:libminiupnpc10-1.9-6.1

openSUSE Leap 42.1:libminiupnpc10-32bit-1.9-6.1

openSUSE Leap 42.1:miniupnpc-1.9-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-6031.html
CVE-2015-6031
https://bugzilla.suse.com/950759
SUSE Bug 950759

openSUSE-SU-2015:2070-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-6031

Описание

Затронутые продукты

Ссылки