Advisories ยป MGASA-2014-0074

Updated libgadu packages fix security vulnerability

Publication date: 16 Feb 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2013-6487

Description

A malicious server or man-in-the-middle could send a large value for
Content-Length and cause an integer overflow which could lead to a buffer
overflow in Gadu-Gadu HTTP parsing (CVE-2013-6487).
                

References

SRPMS

4/core

3/core