openSUSE-SU-2016:0878-1

Опубликовано: 24 мар. 2016

Источник: suse-cvrf

Описание

Security update for pidgin-otr

This update to pidgin-otr 4.0.2 fixes the following issue:

CVE-2015-8833: use-after-free issue during SMP (boo#970498)

It also contains new and updated translations.

Список пакетов

openSUSE Leap 42.1

pidgin-otr-4.0.2-7.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-03/msg00109.html
E-Mail link for openSUSE-SU-2016:0878-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.

Затронутые продукты

openSUSE Leap 42.1:pidgin-otr-4.0.2-7.1

Ссылки

https://www.suse.com/security/cve/CVE-2015-8833.html
CVE-2015-8833
https://bugzilla.suse.com/970498
SUSE Bug 970498

openSUSE-SU-2016:0878-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2015-8833

Описание

Затронутые продукты

Ссылки