openSUSE-SU-2016:0708-1

Опубликовано: 09 мар. 2016

Источник: suse-cvrf

Описание

Security update for libotr,libotr2

libotr and libotr2 were updated to fix one security issue:

CVE-2016-2851: Integer overflow vulnerability allowed remote attackers to execute arbitrary code on 64 bit platforms (boo#969785)

Список пакетов

openSUSE Leap 42.1

libotr-4.1.1-4.1

libotr-devel-4.1.1-4.1

libotr-tools-4.1.1-4.1

libotr2-3.2.1-13.1

libotr2-devel-3.2.1-13.1

libotr2-tools-3.2.1-13.1

libotr5-4.1.1-4.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2016-03/msg00021.html
E-Mail link for openSUSE-SU-2016:0708-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.

Затронутые продукты

openSUSE Leap 42.1:libotr-4.1.1-4.1

openSUSE Leap 42.1:libotr-devel-4.1.1-4.1

openSUSE Leap 42.1:libotr-tools-4.1.1-4.1

openSUSE Leap 42.1:libotr2-3.2.1-13.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2851.html
CVE-2016-2851
https://bugzilla.suse.com/969785
SUSE Bug 969785

openSUSE-SU-2016:0708-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-2851

Описание

Затронутые продукты

Ссылки