--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-47a4910f07
2017-03-22 13:34:50.259228
--------------------------------------------------------------------------------

Name        : openslp
Product     : Fedora 25
Version     : 2.0.0
Release     : 10.fc25
URL         : https://sourceforge.net/projects/openslp/
Summary     : Open implementation of Service Location Protocol V2
Description :
Service Location Protocol is an IETF standards track protocol that
provides a framework to allow networking applications to discover the
existence, location, and configuration of networked services in
enterprise networks.

OpenSLP is an open source implementation of the SLPv2 protocol as defined
by RFC 2608 and RFC 2614.

--------------------------------------------------------------------------------
Update Information:

Fix possible overflow in SLPFoldWhiteSpace, CVE-2016-7567
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1379988 - CVE-2016-7567 openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slp_compare.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1379988
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade openslp' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: openslp Security Update

March 22, 2017
Fix possible overflow in SLPFoldWhiteSpace, CVE-2016-7567

Summary

Service Location Protocol is an IETF standards track protocol that

provides a framework to allow networking applications to discover the

existence, location, and configuration of networked services in

enterprise networks.

OpenSLP is an open source implementation of the SLPv2 protocol as defined

by RFC 2608 and RFC 2614.

Update Information:

Fix possible overflow in SLPFoldWhiteSpace, CVE-2016-7567

Change Log

References

[ 1 ] Bug #1379988 - CVE-2016-7567 openslp: memory corruption due to possible overflow in SLPFoldWhiteSpace in common/slp_compare.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1379988

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade openslp' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : openslp
Product : Fedora 25
Version : 2.0.0
Release : 10.fc25
URL : https://sourceforge.net/projects/openslp/
Summary : Open implementation of Service Location Protocol V2

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved