Updated libotr packages fix security vulnerability
Publication date: 25 Mar 2016Modification date: 25 Mar 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-2851
Description
A remote attacker may crash or execute arbitrary code in libotr before 4.1.1 by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds (CVE-2016-2851).
References
SRPMS
5/core
- libotr-4.1.1-1.mga5