Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 446
Alerts This Week
Warning Icon 1 446

Fedora 25 msgpuck Security Update: Critical DoS Threats Fixed

fedora
Calendar Grey December 22, 2016
Dist Fedora Esm H88
Important security patches for msgpuck in Fedora 25 aiming to fix several denial-of-service vulnerabilities. Make sure your system is protected.
Security fix for CVE-2016-9036, CVE-2016-9037

Summary

MsgPack is a binary-based efficient object serialization library.

It enables to exchange structured objects between many languages like JSON.

But unlike JSON, it is very fast and small.

msgpuck is very lightweight header-only library designed to be embedded to

your application by the C/C++ compiler. The library is fully documented and

covered by unit tests.

Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037

Change Log

References


[ 1 ] Bug #1406682 - CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1406682

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade msgpuck' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: msgpuck
Product: Fedora 25
Version: 1.1.3
Release: 1.fc25
Summary: MsgPack binary serialization library in a self-contained header

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.