Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:1127-1

Опубликовано: 28 апр. 2017
Источник: suse-cvrf

Описание

Security update for libosip2

This update for libosip2 fixes the following issues:

Changes in libosip2:

  • CVE-2017-7853: In libosip2 in GNU 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS. (boo#1034570)
  • CVE-2016-10326: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. (boo#1034571)
  • CVE-2016-10325: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS. (boo#1034572)
  • CVE-2016-10324: In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c. (boo#1034574)

Список пакетов

openSUSE Leap 42.1
libosip2-4.1.0-5.3.1
libosip2-devel-4.1.0-5.3.1
openSUSE Leap 42.2
libosip2-4.1.0-5.3.1
libosip2-devel-4.1.0-5.3.1

Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_clrncpy() function defined in osipparser2/osip_port.c.

Затронутые продукты
openSUSE Leap 42.1:libosip2-4.1.0-5.3.1
openSUSE Leap 42.1:libosip2-devel-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-devel-4.1.0-5.3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.

Затронутые продукты
openSUSE Leap 42.1:libosip2-4.1.0-5.3.1
openSUSE Leap 42.1:libosip2-devel-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-devel-4.1.0-5.3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.

Затронутые продукты
openSUSE Leap 42.1:libosip2-4.1.0-5.3.1
openSUSE Leap 42.1:libosip2-devel-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-devel-4.1.0-5.3.1
Ссылки

Описание

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.

Затронутые продукты
openSUSE Leap 42.1:libosip2-4.1.0-5.3.1
openSUSE Leap 42.1:libosip2-devel-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-4.1.0-5.3.1
openSUSE Leap 42.2:libosip2-devel-4.1.0-5.3.1
Ссылки