Updated boinc-client packages fix security vulnerabilityPublication date: 21 Nov 2014
Affected Mageia releases : 3 , 4
Multiple stack overflow flaws were found in the way the XML parser of boinc-client, a Berkeley Open Infrastructure for Network Computing (BOINC) client for distributed computing, performed processing of certain XML files. A rogue BOINC server could provide a specially-crafted XML file that, when processed would lead to boinc-client executable crash (CVE-2013-2298). Issues preventing the boinc-client service from working immediately after installation have been fixed as well.