ALT Linux Team

Package libgxps update in sisyphus on 2017-08-15

ALT-PU-2017-2061-1

Package libgxps updated to version 0.3.0-alt1 for branch sisyphus in task 187104.

Closed vulnerabilities

Published: 2017-07-20

BDU:2018-00009

Уязвимость функции caseless_hash (gxps-archive.c) библиотеки libgxps, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2017-07-24
Modified: 2024-11-21

CVE-2017-11590

There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top