Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 414
Alerts This Week
Warning Icon 1 414

Fedora 24: MsgPack Advisory DoS Issues and Security Fix

fedora
Calendar Grey December 22, 2016
Dist Fedora Esm H88
Essential security patch for msgpuck framework targeting various Denial of Service vulnerabilities impacting Fedora release 24. Discover further details now.
Security fix for CVE-2016-9036, CVE-2016-9037

Summary

MsgPack is a binary-based efficient object serialization library.

It enables to exchange structured objects between many languages like JSON.

But unlike JSON, it is very fast and small.

msgpuck is very lightweight header-only library designed to be embedded to

your application by the C/C++ compiler. The library is fully documented and

covered by unit tests.

Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037

Change Log

References


[ 1 ] Bug #1406682 - CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1406682

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade msgpuck' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: msgpuck
Product: Fedora 24
Version: 1.1.3
Release: 1.fc24
Summary: MsgPack binary serialization library in a self-contained header

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.