{
  "schema_version": "1.7.0",
  "id": "MGASA-2015-0135",
  "published": "2015-04-09T22:44:14Z",
  "modified": "2015-04-09T22:27:04Z",
  "summary": "Updated suricata packages fix security vulnerabilities",
  "details": "Updated suricata packages fix security vulnerability:\n\nIt was reported that libhtp handling of streams in error state could lead to\nNULL pointer dereference, leading to caller crash. Suricata (Intrusion\nDetection System) embeds libhtp, and is one of the affected components.\n",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2015-0135.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=15086"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OISF/libhtp/pull/82"
    },
    {
      "type": "REPORT",
      "url": "https://redmine.openinfosecfoundation.org/issues/1272"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148322.html"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:4",
        "name": "suricata",
        "purl": "pkg:rpm/mageia/suricata?arch=source&distro=mageia-4"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.7-1.1.mga4"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}