Advisories » MGASA-2016-0333

Updated libcryptopp packages fix security vulnerability

Publication date: 04 Oct 2016
Modification date: 04 Oct 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7420

Description

The libcryptopp package was built with debugging enabled, which could
cause a crash due to assertions being turned on and could also cause core
files to be generated containing sensitive information (CVE-2016-7420).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19381
• http://www.openwall.com/lists/oss-security/2016/09/15/12
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420

SRPMS

5/core

• libcryptopp-5.6.3-1.2.mga5