Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
patchinfo.3206
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3206
<patchinfo incident="3206"> <issue id="994989" tracker="bnc">openslp doesn't work with net.slp.securityEnabled=true</issue> <issue id="980722" tracker="bnc">VUL-1: CVE-2016-4912: openslp: null pointer dereference in _xrealloc() function</issue> <issue id="974655" tracker="bnc">openslp: there's not need to ship /etc/init/slpd anymore</issue> <issue id="1001600" tracker="bnc">VUL-0: CVE-2016-7567: openslp: OpenSLP Memory Corruption in SLPFoldWhiteSpace</issue> <issue id="2016-4912" tracker="cve" /> <issue id="2016-7567" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>mlschroe</packager> <description>This update for openslp fixes two security issues and two bugs. The following vulnerabilities were fixed: - CVE-2016-4912: A remote attacker could have crashed the server with a large number of packages (bsc#980722) - CVE-2016-7567: A remote attacker could cause a memory corruption having unspecified impact (bsc#1001600) The following bugfix changes are included: - bsc#994989: Removed convenience code as changes bytes in the message buffer breaking the verification code - bsc#974655: Removed no longer needed slpd init file </description> <summary>Security update for openslp</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor