User: Password:
|
|
Subscribe / Log in / New account

Mageia alert MGASA-2014-0074 (libgadu)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2014-0074: Updated libgadu packages fix security vulnerability
Date:  Sun, 16 Feb 2014 14:23:44 +0100
Message-ID:  <20140216132344.4E71A5C6AF@valstar.mageia.org>

MGASA-2014-0074 - Updated libgadu packages fix security vulnerability Publication date: 16 Feb 2014 URL: http://advisories.mageia.org/MGASA-2014-0074.html Type: security Affected Mageia releases: 3, 4 CVE: CVE-2013-6487 Description: A malicious server or man-in-the-middle could send a large value for Content-Length and cause an integer overflow which could lead to a buffer overflow in Gadu-Gadu HTTP parsing (CVE-2013-6487). References: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487 - http://libgadu.net/releases/1.11.3.html - http://www.debian.org/security/2014/dsa-2852 - https://bugs.mageia.org/show_bug.cgi?id=12709 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487 SRPMS: - 4/core/libgadu-1.11.3-1.mga4 - 3/core/libgadu-1.11.3-1.mga3


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds