Advisories » MGASA-2016-0222

Updated openslp packages fix security vulnerability

Publication date: 10 Jun 2016
Modification date: 10 Jun 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-4912

Description

A null pointer dereference vulnerability was found in function _xrealloc()
in xlsp_xmalloc.c in OpenSLP. A remote attacker could potentially crash
the server when large number of packets are sent (CVE-2016-4912).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18600
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FGW44JV455TRJ2NZQTEP76JKMFFO2JGS/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4912

SRPMS

5/core

• openslp-2.0.0-5.1.mga5