MGASA-2016-0117

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0117.html

Import Source

https://advisories.mageia.org/MGASA-2016-0117.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0117

Related

CVE-2016-2851

Published

2016-03-25T06:38:37Z

Modified

2016-03-25T06:19:53Z

Summary

Updated libotr packages fix security vulnerability

Details

A remote attacker may crash or execute arbitrary code in libotr before 4.1.1 by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds (CVE-2016-2851).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / libotr

Package

Name: libotr
Purl: pkg:rpm/mageia/libotr?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.1-1.mga5

Ecosystem specific

{
    "section": "core"
}