openSUSE-SU-2016:1635-1

Опубликовано: 20 июн. 2016

Источник: suse-cvrf

Описание

Security update for libtorrent-rasterbar

This update for libtorrent-rasterbar fixes the following issues:

CVE-2016-5301: Crash on invalid input in http_parser could have allowed a remote attacker to perform a denial of service attack (boo#983228).

In addition, the package was updated to 1.0.9 / 1.16.19, fixing various upstream bugs.

Список пакетов

openSUSE Leap 42.1

libtorrent-rasterbar-1.0.9-7.1

libtorrent-rasterbar-devel-1.0.9-7.1

libtorrent-rasterbar-doc-1.0.9-7.1

libtorrent-rasterbar8-1.0.9-7.1

python-libtorrent-rasterbar-1.0.9-7.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-06/msg00079.html
E-Mail link for openSUSE-SU-2016:1635-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.

Затронутые продукты

openSUSE Leap 42.1:libtorrent-rasterbar-1.0.9-7.1

openSUSE Leap 42.1:libtorrent-rasterbar-devel-1.0.9-7.1

openSUSE Leap 42.1:libtorrent-rasterbar-doc-1.0.9-7.1

openSUSE Leap 42.1:libtorrent-rasterbar8-1.0.9-7.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-5301.html
CVE-2016-5301
https://bugzilla.suse.com/983228
SUSE Bug 983228

openSUSE-SU-2016:1635-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-5301

Описание

Затронутые продукты

Ссылки