Advisories » MGASA-2023-0072

Updated sofia-sip packages fix security vulnerability

Publication date: 27 Feb 2023
Modification date: 27 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-47516

Description

The config_sortlist function is missing checks about the validity of the
input string, which allows a possible arbitrary length stack overflow and
thus may cause a denial of service. (CVE-2022-47516)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31588
• https://www.debian.org/lts/security/2023/dla-3334
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47516

SRPMS

8/core

• sofia-sip-1.12.11-10.3.mga8