Scientific Linux alert SLSA-2018:1225-1 (librelp)


From:
    	       Scott Reid <svreid@fnal.gov> 
To:
    	       <scientific-linux-errata@listserv.fnal.gov> 
Subject:
    	       Security ERRATA Critical: librelp on SL6.x i386/x86_64 
Date:
    	       Tue, 24 Apr 2018 20:28:14 +0000
Message-ID:
    	       <20180424202814.3282.28622@slpackages.fnal.gov>
Synopsis:          Critical: librelp security update
Advisory ID:       SLSA-2018:1225-1
Issue Date:        2018-04-24
CVE Numbers:       CVE-2018-1000140
--

Security Fix(es):

* librelp: Stack-based buffer overflow in relpTcpChkPeerName function in
src/tcp.c (CVE-2018-1000140)
--

SL6
  x86_64
    librelp-1.2.7-3.el6_9.1.x86_64.rpm
    librelp-debuginfo-1.2.7-3.el6_9.1.x86_64.rpm
    librelp-1.2.7-3.el6_9.1.i686.rpm
    librelp-debuginfo-1.2.7-3.el6_9.1.i686.rpm
    librelp-devel-1.2.7-3.el6_9.1.i686.rpm
    librelp-devel-1.2.7-3.el6_9.1.x86_64.rpm
  i386
    librelp-1.2.7-3.el6_9.1.i686.rpm
    librelp-debuginfo-1.2.7-3.el6_9.1.i686.rpm
    librelp-devel-1.2.7-3.el6_9.1.i686.rpm

- Scientific Linux Development Team

From:		Scott Reid <svreid@fnal.gov>
To:		<scientific-linux-errata@listserv.fnal.gov>
Subject:		Security ERRATA Critical: librelp on SL6.x i386/x86_64
Date:		Tue, 24 Apr 2018 20:28:14 +0000
Message-ID:		<20180424202814.3282.28622@slpackages.fnal.gov>