Fedora 28: 2018-05acd3c734 Critical: OpenSLP Heap Memory Corruption

Service Location Protocol is an IETF standards track protocol that

provides a framework to allow networking applications to discover the

existence, location, and configuration of networked services in

enterprise networks.

OpenSLP is an open source implementation of the SLPv2 protocol as defined

by RFC 2608 and RFC 2614.

Fix heap memory corruption, CVE-2017-17833

* Mon Jul 2 2018 Vitezslav Crhonek - 2.0.0-18

- Fix heap memory corruption, CVE-2017-17833

Resolves: #1572167

[ 1 ] Bug #1572166 - CVE-2017-17833 openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution

https://bugzilla.redhat.com/show_bug.cgi?id=1572166

su -c 'dnf upgrade --advisory FEDORA-2018-05acd3c734' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4WB4SKVDGCKX5FZGDSCL7VOCERVQDS3/