Fedora 30: FEDORA-2019-86bceb61b3 Critical: openslp Heap Overflow

Service Location Protocol is an IETF standards track protocol that

provides a framework to allow networking applications to discover the

existence, location, and configuration of networked services in

enterprise networks.

OpenSLP is an open source implementation of the SLPv2 protocol as defined

by RFC 2608 and RFC 2614.

Security fix for CVE-2019-5544

* Mon Dec 9 2019 Vitezslav Crhonek - 2.0.0-22

- Fix heap overwrite vulnerability, CVE-2019-5544

Resolves: #1780754

[ 1 ] Bug #1777788 - CVE-2019-5544 openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution

https://bugzilla.redhat.com/show_bug.cgi?id=1777788

su -c 'dnf upgrade --advisory FEDORA-2019-86bceb61b3' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/