openSUSE-SU-2017:0363-1

Опубликовано: 01 фев. 2017

Источник: suse-cvrf

Описание

Security update for bzrtp

This update for bzrtp fixes one security issue.

The following vulnerability was fixed:

CVE-2016-6271: missing HVI check on DHPart2 packet reception may have allowed man-in-the-middle attackers to conduct spoofing attacks boo#1020844)

Список пакетов

openSUSE Leap 42.1

bzrtp-1.0.3-6.1

bzrtp-devel-1.0.3-6.1

libbzrtp0-1.0.3-6.1

libbzrtp0-32bit-1.0.3-6.1

openSUSE Leap 42.2

bzrtp-1.0.3-6.1

bzrtp-devel-1.0.3-6.1

libbzrtp0-1.0.3-6.1

libbzrtp0-32bit-1.0.3-6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-02/msg00009.html
E-Mail link for openSUSE-SU-2017:0363-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

Затронутые продукты

openSUSE Leap 42.1:bzrtp-1.0.3-6.1

openSUSE Leap 42.1:bzrtp-devel-1.0.3-6.1

openSUSE Leap 42.1:libbzrtp0-1.0.3-6.1

openSUSE Leap 42.1:libbzrtp0-32bit-1.0.3-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-6271.html
CVE-2016-6271
https://bugzilla.suse.com/1020844
SUSE Bug 1020844

openSUSE-SU-2017:0363-1

Описание

Список пакетов

openSUSE Leap 42.1

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2016-6271

Описание

Затронутые продукты

Ссылки