Advisories ยป MGASA-2018-0342

Updated openslp packages fix security vulnerability

Publication date: 17 Aug 2018
Modification date: 17 Aug 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-17833

Description

Updated openslp packages fix security vulnerability:

OpenSLP is vulnerable to a double freeing of memory that causes a crash
in the slp_buffer:SLPBufferRealloc() function, which makes it vulnerable
to a denial-of-service or remote code execution attack (CVE-2017-17833).
                

References

SRPMS

6/core

5/core