MGASA-2017-0066

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2017-0066.html
Import Source
https://advisories.mageia.org/MGASA-2017-0066.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2017-0066
Related
Published
2017-02-26T22:02:17Z
Modified
2017-02-26T21:51:34Z
Summary
Updated libevent packages fix security vulnerability
Details
  • The DNS code of Libevent contains an OOB read which can trigger a crash (CVE-2016-10197)
  • The libevent evutilparsesockaddr_port() contains a buffer overflow which can cause a segmentation fault (CVE-2016-10196)
  • The name_parse() function in libevent's DNS code is vulnerable to a buffer overread (CVE-2016-10195)
References
Credits

Affected packages

Mageia:5 / libevent

Package

Name
libevent
Purl
pkg:rpm/mageia/libevent?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.22-1.1.mga5

Ecosystem specific 

{
    "section": "core"
}