2016-01-21
ALT-BU-2016-2550-1
Branch t7 update bulletin.
Package claws-mail updated to version 3.13.1-alt2.M70P.1 for branch t7 in task 156121.
Closed vulnerabilities
Published: 2016-04-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8708
Stack-based buffer overflow in the conv_euctojis function in codeconv.c in Claws Mail 3.13.1 allows remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8614.
Severity: HIGH (7.3)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Closed vulnerabilities
Published: 2014-09-04
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-6060
The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again.
Severity: LOW (3.3)
References:
- http://advisories.mageia.org/MGASA-2014-0334.html
- http://advisories.mageia.org/MGASA-2014-0334.html
- http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0
- http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0
- http://source.android.com/security/bulletin/2016-04-02.html
- http://source.android.com/security/bulletin/2016-04-02.html
- MDVSA-2014:171
- MDVSA-2014:171
- [oss-security] 20140730 CVE Request: dhcpcd DoS attack
- [oss-security] 20140730 CVE Request: dhcpcd DoS attack
- [oss-security] 20140901 CVE Request: dhcpcd DoS attack
- [oss-security] 20140901 CVE Request: dhcpcd DoS attack
- 68970
- 68970
- SSA:2014-213-02
- SSA:2014-213-02