Advisories ยป MGASA-2017-0272

Updated libsoup packages fix security vulnerability

Publication date: 16 Aug 2017
Modification date: 15 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-2885

Description

An exploitable stack based buffer overflow vulnerability exists in the
GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack
overflow resulting in remote code execution. An attacker can send a
special HTTP request to the vulnerable server to trigger this
vulnerability (CVE-2017-2885).
                

References

SRPMS

6/core

5/core