Updated openslp packages fix security vulnerability
Publication date: 17 Aug 2018Modification date: 17 Aug 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-17833
Description
Updated openslp packages fix security vulnerability: OpenSLP is vulnerable to a double freeing of memory that causes a crash in the slp_buffer:SLPBufferRealloc() function, which makes it vulnerable to a denial-of-service or remote code execution attack (CVE-2017-17833).
References
SRPMS
6/core
- openslp-2.0.0-8.1.mga6
5/core
- openslp-2.0.0-5.3.mga5